Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-47162 (GCVE-0-2021-47162)
Vulnerability from cvelistv5
Published
2024-03-25 09:16
Modified
2025-05-04 12:41
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
tipc: skb_linearize the head skb when reassembling msgs
It's not a good idea to append the frag skb to a skb's frag_list if
the frag_list already has skbs from elsewhere, such as this skb was
created by pskb_copy() where the frag_list was cloned (all the skbs
in it were skb_get'ed) and shared by multiple skbs.
However, the new appended frag skb should have been only seen by the
current skb. Otherwise, it will cause use after free crashes as this
appended frag skb are seen by multiple skbs but it only got skb_get
called once.
The same thing happens with a skb updated by pskb_may_pull() with a
skb_cloned skb. Li Shuang has reported quite a few crashes caused
by this when doing testing over macvlan devices:
[] kernel BUG at net/core/skbuff.c:1970!
[] Call Trace:
[] skb_clone+0x4d/0xb0
[] macvlan_broadcast+0xd8/0x160 [macvlan]
[] macvlan_process_broadcast+0x148/0x150 [macvlan]
[] process_one_work+0x1a7/0x360
[] worker_thread+0x30/0x390
[] kernel BUG at mm/usercopy.c:102!
[] Call Trace:
[] __check_heap_object+0xd3/0x100
[] __check_object_size+0xff/0x16b
[] simple_copy_to_iter+0x1c/0x30
[] __skb_datagram_iter+0x7d/0x310
[] __skb_datagram_iter+0x2a5/0x310
[] skb_copy_datagram_iter+0x3b/0x90
[] tipc_recvmsg+0x14a/0x3a0 [tipc]
[] ____sys_recvmsg+0x91/0x150
[] ___sys_recvmsg+0x7b/0xc0
[] kernel BUG at mm/slub.c:305!
[] Call Trace:
[] <IRQ>
[] kmem_cache_free+0x3ff/0x400
[] __netif_receive_skb_core+0x12c/0xc40
[] ? kmem_cache_alloc+0x12e/0x270
[] netif_receive_skb_internal+0x3d/0xb0
[] ? get_rx_page_info+0x8e/0xa0 [be2net]
[] be_poll+0x6ef/0xd00 [be2net]
[] ? irq_exit+0x4f/0x100
[] net_rx_action+0x149/0x3b0
...
This patch is to fix it by linearizing the head skb if it has frag_list
set in tipc_buf_append(). Note that we choose to do this before calling
skb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can
not just drop the frag_list either as the early time.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ► | Linux | Linux |
Version: 45c8b7b175ceb2d542e0fe15247377bf3bce29ec Version: 45c8b7b175ceb2d542e0fe15247377bf3bce29ec Version: 45c8b7b175ceb2d542e0fe15247377bf3bce29ec Version: 45c8b7b175ceb2d542e0fe15247377bf3bce29ec Version: 45c8b7b175ceb2d542e0fe15247377bf3bce29ec Version: 45c8b7b175ceb2d542e0fe15247377bf3bce29ec Version: 45c8b7b175ceb2d542e0fe15247377bf3bce29ec Version: 45c8b7b175ceb2d542e0fe15247377bf3bce29ec Version: d45ed6c1ff20d3640a31f03816ca2d48fb7d6f22 Version: c19282fd54a19e4651a4e67836cd842082546677 |
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T20:36:04.317335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T20:36:12.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:24:39.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/tipc/msg.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b2c8d28c34b3070407cb1741f9ba3f15d0284b8b",
"status": "affected",
"version": "45c8b7b175ceb2d542e0fe15247377bf3bce29ec",
"versionType": "git"
},
{
"lessThan": "5489f30bb78ff0dafb4229a69632afc2ba20765c",
"status": "affected",
"version": "45c8b7b175ceb2d542e0fe15247377bf3bce29ec",
"versionType": "git"
},
{
"lessThan": "436d650d374329a591c30339a91fa5078052ed1e",
"status": "affected",
"version": "45c8b7b175ceb2d542e0fe15247377bf3bce29ec",
"versionType": "git"
},
{
"lessThan": "4b1761898861117c97066aea6c58f68a7787f0bf",
"status": "affected",
"version": "45c8b7b175ceb2d542e0fe15247377bf3bce29ec",
"versionType": "git"
},
{
"lessThan": "64d17ec9f1ded042c4b188d15734f33486ed9966",
"status": "affected",
"version": "45c8b7b175ceb2d542e0fe15247377bf3bce29ec",
"versionType": "git"
},
{
"lessThan": "6da24cfc83ba4f97ea44fc7ae9999a006101755c",
"status": "affected",
"version": "45c8b7b175ceb2d542e0fe15247377bf3bce29ec",
"versionType": "git"
},
{
"lessThan": "ace300eecbccaa698e2b472843c74a5f33f7dce8",
"status": "affected",
"version": "45c8b7b175ceb2d542e0fe15247377bf3bce29ec",
"versionType": "git"
},
{
"lessThan": "b7df21cf1b79ab7026f545e7bf837bd5750ac026",
"status": "affected",
"version": "45c8b7b175ceb2d542e0fe15247377bf3bce29ec",
"versionType": "git"
},
{
"status": "affected",
"version": "d45ed6c1ff20d3640a31f03816ca2d48fb7d6f22",
"versionType": "git"
},
{
"status": "affected",
"version": "c19282fd54a19e4651a4e67836cd842082546677",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/tipc/msg.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.3"
},
{
"lessThan": "4.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.271",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.271",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.235",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.193",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.124",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.42",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.9",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.271",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.271",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.235",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.193",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.124",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.42",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.12.9",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.13",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T12:41:09.415Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
},
{
"url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
},
{
"url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
},
{
"url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
},
{
"url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
},
{
"url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
},
{
"url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
},
{
"url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
}
],
"title": "tipc: skb_linearize the head skb when reassembling msgs",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47162",
"datePublished": "2024-03-25T09:16:15.857Z",
"dateReserved": "2024-03-25T09:12:14.109Z",
"dateUpdated": "2025-05-04T12:41:09.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-47162\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-25T10:15:08.480\",\"lastModified\":\"2025-03-13T21:23:24.410\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntipc: skb_linearize the head skb when reassembling msgs\\n\\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\\nthe frag_list already has skbs from elsewhere, such as this skb was\\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\\nin it were skb_get\u0027ed) and shared by multiple skbs.\\n\\nHowever, the new appended frag skb should have been only seen by the\\ncurrent skb. Otherwise, it will cause use after free crashes as this\\nappended frag skb are seen by multiple skbs but it only got skb_get\\ncalled once.\\n\\nThe same thing happens with a skb updated by pskb_may_pull() with a\\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\\nby this when doing testing over macvlan devices:\\n\\n [] kernel BUG at net/core/skbuff.c:1970!\\n [] Call Trace:\\n [] skb_clone+0x4d/0xb0\\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\\n [] process_one_work+0x1a7/0x360\\n [] worker_thread+0x30/0x390\\n\\n [] kernel BUG at mm/usercopy.c:102!\\n [] Call Trace:\\n [] __check_heap_object+0xd3/0x100\\n [] __check_object_size+0xff/0x16b\\n [] simple_copy_to_iter+0x1c/0x30\\n [] __skb_datagram_iter+0x7d/0x310\\n [] __skb_datagram_iter+0x2a5/0x310\\n [] skb_copy_datagram_iter+0x3b/0x90\\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\\n [] ____sys_recvmsg+0x91/0x150\\n [] ___sys_recvmsg+0x7b/0xc0\\n\\n [] kernel BUG at mm/slub.c:305!\\n [] Call Trace:\\n [] \u003cIRQ\u003e\\n [] kmem_cache_free+0x3ff/0x400\\n [] __netif_receive_skb_core+0x12c/0xc40\\n [] ? kmem_cache_alloc+0x12e/0x270\\n [] netif_receive_skb_internal+0x3d/0xb0\\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\\n [] be_poll+0x6ef/0xd00 [be2net]\\n [] ? irq_exit+0x4f/0x100\\n [] net_rx_action+0x149/0x3b0\\n\\n ...\\n\\nThis patch is to fix it by linearizing the head skb if it has frag_list\\nset in tipc_buf_append(). Note that we choose to do this before calling\\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\\nnot just drop the frag_list either as the early time.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: skb_linearize el skb principal al volver a ensamblar mensajes No es una buena idea agregar el frag skb a la frag_list de un skb si la frag_list ya tiene skbs de otro lugar, como por ejemplo este skb fue creado por pskb_copy() donde se clon\u00f3 frag_list (todos los skbs que conten\u00eda fueron skb_get\u0027ed) y se comparti\u00f3 con varios skbs. Sin embargo, el nuevo fragmento skb adjunto solo deber\u00eda haber sido visto por el skb actual. De lo contrario, causar\u00e1 uso despu\u00e9s de fallas gratuitas, ya que varios skbs ven este fragmento skb agregado, pero solo se llam\u00f3 a skb_get una vez. Lo mismo sucede con un skb actualizado por pskb_may_pull() con un skb skb_cloned. Li Shuang ha informado de bastantes fallos causados por esto al realizar pruebas en dispositivos macvlan: [] \u00a1ERROR del kernel en net/core/skbuff.c:1970! [] Seguimiento de llamadas: [] skb_clone+0x4d/0xb0 [] macvlan_broadcast+0xd8/0x160 [macvlan] [] macvlan_process_broadcast+0x148/0x150 [macvlan] [] Process_one_work+0x1a7/0x360 [] trabajador_thread+0x30/0x390 [] ERROR del kernel en mm/usercopy.c:102! [] Seguimiento de llamadas: [] __check_heap_object+0xd3/0x100 [] __check_object_size+0xff/0x16b [] simple_copy_to_iter+0x1c/0x30 [] __skb_datagram_iter+0x7d/0x310 [] __skb_datagram_iter+0x2a5/0x310 [] skb_copy_datagram _iter+0x3b/0x90 [] tipc_recvmsg +0x14a/0x3a0 [tipc] [] ____sys_recvmsg+0x91/0x150 [] ___sys_recvmsg+0x7b/0xc0 [] \u00a1ERROR del kernel en mm/slub.c:305! [] Seguimiento de llamadas: [] [] kmem_cache_free+0x3ff/0x400 [] __netif_receive_skb_core+0x12c/0xc40 [] ? kmem_cache_alloc+0x12e/0x270 [] netif_receive_skb_internal+0x3d/0xb0 [] ? get_rx_page_info+0x8e/0xa0 [be2net] [] be_poll+0x6ef/0xd00 [be2net] [] ? irq_exit+0x4f/0x100 [] net_rx_action+0x149/0x3b0 ... Este parche es para solucionarlo linealizando el skb principal si tiene frag_list configurado en tipc_buf_append(). Tenga en cuenta que elegimos hacer esto antes de llamar a skb_unshare(), ya que __skb_linearize() evitar\u00e1 skb_copy(). Adem\u00e1s, tampoco podemos simplemente eliminar frag_list desde el principio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.3\",\"versionEndExcluding\":\"4.4.271\",\"matchCriteriaId\":\"48D6EB76-316E-412C-B3FF-6500D60AB68E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.271\",\"matchCriteriaId\":\"1E7DAE3A-78E9-45DB-96D8-4541CD7DC26B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.235\",\"matchCriteriaId\":\"03A23445-0C1A-42AB-AC5C-768360DDF32C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.193\",\"matchCriteriaId\":\"C8DEF3EC-88D9-4B89-8CF9-64BD6C863C9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.124\",\"matchCriteriaId\":\"06FE0F99-F7A9-462A-8355-30E2EDA9826B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.42\",\"matchCriteriaId\":\"C3E7E799-1C8A-45FB-9E07-4731996144C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.12.9\",\"matchCriteriaId\":\"2C8A1D02-81A7-44E5-ACFD-CC6A6694F930\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"96AC23B2-D46A-49D9-8203-8E1BEDCA8532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA610E30-717C-4700-9F77-A3C9244F3BFD\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:24:39.945Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-47162\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-26T20:36:04.317335Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-26T20:36:09.578Z\"}}], \"cna\": {\"title\": \"tipc: skb_linearize the head skb when reassembling msgs\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"45c8b7b175ceb2d542e0fe15247377bf3bce29ec\", \"lessThan\": \"b2c8d28c34b3070407cb1741f9ba3f15d0284b8b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"45c8b7b175ceb2d542e0fe15247377bf3bce29ec\", \"lessThan\": \"5489f30bb78ff0dafb4229a69632afc2ba20765c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"45c8b7b175ceb2d542e0fe15247377bf3bce29ec\", \"lessThan\": \"436d650d374329a591c30339a91fa5078052ed1e\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"45c8b7b175ceb2d542e0fe15247377bf3bce29ec\", \"lessThan\": \"4b1761898861117c97066aea6c58f68a7787f0bf\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"45c8b7b175ceb2d542e0fe15247377bf3bce29ec\", \"lessThan\": \"64d17ec9f1ded042c4b188d15734f33486ed9966\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"45c8b7b175ceb2d542e0fe15247377bf3bce29ec\", \"lessThan\": \"6da24cfc83ba4f97ea44fc7ae9999a006101755c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"45c8b7b175ceb2d542e0fe15247377bf3bce29ec\", \"lessThan\": \"ace300eecbccaa698e2b472843c74a5f33f7dce8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"45c8b7b175ceb2d542e0fe15247377bf3bce29ec\", \"lessThan\": \"b7df21cf1b79ab7026f545e7bf837bd5750ac026\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d45ed6c1ff20d3640a31f03816ca2d48fb7d6f22\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"c19282fd54a19e4651a4e67836cd842082546677\", \"versionType\": \"git\"}], \"programFiles\": [\"net/tipc/msg.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.3\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.3\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.4.271\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.4.*\"}, {\"status\": \"unaffected\", \"version\": \"4.9.271\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.9.*\"}, {\"status\": \"unaffected\", \"version\": \"4.14.235\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14.*\"}, {\"status\": \"unaffected\", \"version\": \"4.19.193\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.124\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.42\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.9\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/tipc/msg.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b\"}, {\"url\": \"https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c\"}, {\"url\": \"https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e\"}, {\"url\": \"https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf\"}, {\"url\": \"https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966\"}, {\"url\": \"https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c\"}, {\"url\": \"https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8\"}, {\"url\": \"https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntipc: skb_linearize the head skb when reassembling msgs\\n\\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\\nthe frag_list already has skbs from elsewhere, such as this skb was\\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\\nin it were skb_get\u0027ed) and shared by multiple skbs.\\n\\nHowever, the new appended frag skb should have been only seen by the\\ncurrent skb. Otherwise, it will cause use after free crashes as this\\nappended frag skb are seen by multiple skbs but it only got skb_get\\ncalled once.\\n\\nThe same thing happens with a skb updated by pskb_may_pull() with a\\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\\nby this when doing testing over macvlan devices:\\n\\n [] kernel BUG at net/core/skbuff.c:1970!\\n [] Call Trace:\\n [] skb_clone+0x4d/0xb0\\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\\n [] process_one_work+0x1a7/0x360\\n [] worker_thread+0x30/0x390\\n\\n [] kernel BUG at mm/usercopy.c:102!\\n [] Call Trace:\\n [] __check_heap_object+0xd3/0x100\\n [] __check_object_size+0xff/0x16b\\n [] simple_copy_to_iter+0x1c/0x30\\n [] __skb_datagram_iter+0x7d/0x310\\n [] __skb_datagram_iter+0x2a5/0x310\\n [] skb_copy_datagram_iter+0x3b/0x90\\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\\n [] ____sys_recvmsg+0x91/0x150\\n [] ___sys_recvmsg+0x7b/0xc0\\n\\n [] kernel BUG at mm/slub.c:305!\\n [] Call Trace:\\n [] \u003cIRQ\u003e\\n [] kmem_cache_free+0x3ff/0x400\\n [] __netif_receive_skb_core+0x12c/0xc40\\n [] ? kmem_cache_alloc+0x12e/0x270\\n [] netif_receive_skb_internal+0x3d/0xb0\\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\\n [] be_poll+0x6ef/0xd00 [be2net]\\n [] ? irq_exit+0x4f/0x100\\n [] net_rx_action+0x149/0x3b0\\n\\n ...\\n\\nThis patch is to fix it by linearizing the head skb if it has frag_list\\nset in tipc_buf_append(). Note that we choose to do this before calling\\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\\nnot just drop the frag_list either as the early time.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.4.271\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.9.271\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.14.235\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.193\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.124\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.42\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.9\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.1.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.2.7\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T12:41:09.415Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-47162\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T12:41:09.415Z\", \"dateReserved\": \"2024-03-25T09:12:14.109Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-03-25T09:16:15.857Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
suse-su-2024:1646-1
Vulnerability from csaf_suse
Published
2024-05-14 14:30
Modified
2024-05-14 14:30
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).
- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
- CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442).
- CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554).
- CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580).
- CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).
- CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662).
- CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521).
- CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528).
- CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).
- CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).
- CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).
- CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611).
- CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706).
- CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743).
- CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625).
- CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).
- CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794).
- CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637).
- CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687).
- CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640).
- CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692).
- CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768).
- CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769).
- CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742).
- CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745).
- CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777).
- CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739).
- CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829).
- CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846).
- CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).
- CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541).
- CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548).
- CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575).
- CVE-2021-47118: Fixed an use-after-free in init task's struct pid in pid (bsc#1221605).
- CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608).
- CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934).
- CVE-2021-47141: Fixed a null pointer dereference on priv->msix_vectors when driver is unloaded in gve (bsc#1221949).
- CVE-2021-47142: Fixed an use-after-free on ttm->sg in drm/amdgpu (bsc#1221952).
- CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988).
- CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972).
- CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).
- CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969).
- CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966).
- CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977).
- CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965).
- CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998).
- CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991).
- CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002).
- CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000).
- CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994).
- CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993).
- CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997).
- CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001).
- CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999).
- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).
- CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions in thermal (bsc#1222878)
- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
- CVE-2022-0487: Fixed use-after-free in moxart_remove in moxart-mmc (bsc#1194516).
- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).
- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
- CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
- CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162).
- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).
- CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).
- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).
- CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961).
- CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770)
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618).
- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)
- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)
- CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609).
- CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).
- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).
- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)
- CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)
- CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).
- CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
- CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975)
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).
- CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
- CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837).
- CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843).
- CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844).
- CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842).
- CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781).
The following non-security bugs were fixed:
- Input: adxl34x - do not hardcode interrupt trigger type (git-fixes).
- Input: drv260x - sleep between polling GO bit (git-fixes).
- Input: ipaq-micro-keys - add error handling for devm_kmemdup.
- Input: xpad - add PXN V900 support.
- USB: core: Fix deadlock in usb_deauthorize_interface().
- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).
- atl1c: fix error return code in atl1c_probe() (git-fixes).
- atl1e: fix error return code in atl1e_probe() (git-fixes).
- bluetooth: btqca: Fixed a coding style error (git-fixes).
- bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes).
- bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).
- bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
- bnx2x: Fix enabling network interfaces without VFs (git-fixes).
- bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes).
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
- doc/README.SUSE: Update information about module support status (jsc#PED-5759)
- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).
- ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes).
- ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git-fixes).
- fuse: do not unhash root (bsc#1223954).
- iommu/amd: Increase interrupt remapping table limit to 512 entries (git-fixes).
- iommu/amd: Mark interrupt as managed (git-fixes).
- iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes).
- iommu/amd: Silence warnings under memory pressure (git-fixes).
- iommu: Check if group is NULL before remove device (git-fixes).
- kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
- kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi).
- lan78xx: Add missing return code checks (git-fixes).
- lan78xx: Add support to dump lan78xx registers (git-fixes).
- lan78xx: Do not access skb_queue_head list pointers directly (git-fixes).
- lan78xx: Fix exception on link speed change (git-fixes).
- lan78xx: Fix partial packet errors on suspend/resume (git-fixes).
- lan78xx: Fix race conditions in suspend/resume handling (git-fixes).
- lan78xx: Fix white space and style issues (git-fixes).
- lan78xx: Modify error messages (git-fixes).
- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).
- net/mlx5: Properly convey driver version to firmware (git-fixes).
- net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes).
- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).
- net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
- net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes).
- net: lan78xx: Make declaration style consistent (git-fixes).
- net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
- net: lan78xx: remove set but not used variable 'event' (git-fixes).
- net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes).
- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes).
- net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git-fixes).
- nfs: Fix O_DIRECT commit verifier handling (git-fixes).
- nfs: Fix O_DIRECT locking issues (git-fixes).
- nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git-fixes).
- nfs: Fix an off by one in root_nfs_cat() (git-fixes).
- nfs: Fix direct WRITE throughput regression (git-fixes).
- nfs: Fix error handling for O_DIRECT write scheduling (git-fixes).
- nfs: More O_DIRECT accounting fixes for error paths (git-fixes).
- nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).
- nfs: commit errors should be fatal (git-fixes).
- nfs: only issue commit in DIO codepath if we have uncommitted data (git-fixes).
- nfsd: Fix error cleanup path in nfsd_rename() (git-fixes).
- nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- nfsd: Retransmit callbacks after client reconnects (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).
- nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
- pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).
- pci/aspm: Avoid link retraining race (git-fixes).
- pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).
- pci/aspm: Do not warn if already in common clock mode (git-fixes).
- pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes).
- pci/aspm: Reduce severity of common clock config message (git-fixes).
- pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes).
- pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
- pci/dpc: Print all TLP Prefixes, not just the first (git-fixes).
- pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).
- pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes).
- pci/pm: Power up all devices during runtime resume (git-fixes).
- pci/sysfs: Protect driver's D3cold preference from user space (git-fixes).
- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
- pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).
- pci: Add locking to RMW PCI Express Capability Register accessors (git-fixes).
- pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes).
- pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git-fixes).
- pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
- pci: Rework pcie_retrain_link() wait loop (git-fixes).
- pci: aardvark: Fix setting MSI address (git-fixes).
- pci: aardvark: Fix support for MSI interrupts (git-fixes).
- pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).
- pci: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).
- pci: hotplug: Allow marking devices as disconnected during bind/unbind (git-fixes).
- pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes).
- pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).
- pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).
- pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes).
- pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).
- pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes).
- pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).
- pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).
- pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).
- pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
- rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082)
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221953).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
- sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
- sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
- tun: honor IOCB_NOWAIT flag (git-fixes).
- usb: dwc2: Fix memory leak in dwc2_hcd_init.
- usb: dwc2: check return value after calling platform_get_resource() (git-fixes).
- usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).
- usb: gadget: Fix issue with config_ep_by_speed function (git-fixes).
- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
- usb: musb: Modify the 'HWVers' register address (git-fixes).
- usb: roles: do not get/set_role() when usb_role_switch is unregistered.
- usb: serial: option: add Fibocom L7xx modules (git-fixes).
- usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).
- usb: storage: set 1.50 as the lower bcdDevice for older 'Super Top' compatibility (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
- usb: usbfs: Do not WARN about excessively large memory allocations.
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
Patchnames
SUSE-2024-1646,SUSE-SLE-RT-12-SP5-2024-1646
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).\n- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).\n- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).\n- CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442).\n- CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554).\n- CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580).\n- CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).\n- CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662).\n- CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521).\n- CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528).\n- CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).\n- CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).\n- CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).\n- CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611).\n- CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706).\n- CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743).\n- CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625).\n- CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).\n- CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794).\n- CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637).\n- CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687).\n- CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640).\n- CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692).\n- CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768).\n- CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769).\n- CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742).\n- CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync\u0027ing SRCU (bsc#1220745).\n- CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777).\n- CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739).\n- CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829).\n- CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846).\n- CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850).\n- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).\n- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).\n- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).\n- CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).\n- CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541).\n- CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548).\n- CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575).\n- CVE-2021-47118: Fixed an use-after-free in init task\u0027s struct pid in pid (bsc#1221605).\n- CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608).\n- CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934).\n- CVE-2021-47141: Fixed a null pointer dereference on priv-\u003emsix_vectors when driver is unloaded in gve (bsc#1221949).\n- CVE-2021-47142: Fixed an use-after-free on ttm-\u003esg in drm/amdgpu (bsc#1221952).\n- CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988).\n- CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972).\n- CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).\n- CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969).\n- CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966).\n- CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977).\n- CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965).\n- CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998).\n- CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991).\n- CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002).\n- CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000).\n- CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994).\n- CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993).\n- CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997).\n- CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001).\n- CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999).\n- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).\n- CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).\n- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).\n- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).\n- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).\n- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).\n- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions in thermal (bsc#1222878)\n- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).\n- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).\n- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).\n- CVE-2022-0487: Fixed use-after-free in moxart_remove in moxart-mmc (bsc#1194516).\n- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).\n- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223513).\n- CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).\n- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).\n- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).\n- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).\n- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).\n- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).\n- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).\n- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).\n- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).\n- CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162).\n- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).\n- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).\n- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).\n- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).\n- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).\n- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).\n- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).\n- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).\n- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).\n- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).\n- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).\n- CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).\n- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).\n- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).\n- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).\n- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).\n- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).\n- CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961).\n- CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770)\n- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).\n- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).\n- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).\n- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).\n- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).\n- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).\n- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).\n- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).\n- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).\n- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).\n- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).\n- CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618).\n- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).\n- CVE-2024-26614: Fixed the initialization of accept_queue\u0027s spinlocks (bsc#1221293).\n- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).\n- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).\n- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).\n- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).\n- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).\n- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).\n- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)\n- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)\n- CVE-2024-26747: Fixed a NULL pointer issue with USB parent module\u0027s reference (bsc#1222609).\n- CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).\n- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).\n- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)\n- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).\n- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).\n- CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)\n- CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)\n- CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).\n- CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).\n- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).\n- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).\n- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).\n- CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975)\n- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).\n- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).\n- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).\n- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).\n- CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049).\n- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).\n- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).\n- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).\n- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).\n- CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).\n- CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315).\n- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).\n- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).\n- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).\n- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).\n- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).\n- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).\n- CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837).\n- CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843).\n- CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844).\n- CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842).\n- CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781).\n\nThe following non-security bugs were fixed:\n\n- Input: adxl34x - do not hardcode interrupt trigger type (git-fixes).\n- Input: drv260x - sleep between polling GO bit (git-fixes).\n- Input: ipaq-micro-keys - add error handling for devm_kmemdup.\n- Input: xpad - add PXN V900 support.\n- USB: core: Fix deadlock in usb_deauthorize_interface().\n- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).\n- atl1c: fix error return code in atl1c_probe() (git-fixes).\n- atl1e: fix error return code in atl1e_probe() (git-fixes).\n- bluetooth: btqca: Fixed a coding style error (git-fixes).\n- bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes).\n- bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).\n- bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).\n- bnx2x: Fix enabling network interfaces without VFs (git-fixes).\n- bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes).\n- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).\n- doc/README.SUSE: Update information about module support status (jsc#PED-5759)\n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).\n- ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes).\n- ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git-fixes).\n- fuse: do not unhash root (bsc#1223954).\n- iommu/amd: Increase interrupt remapping table limit to 512 entries (git-fixes).\n- iommu/amd: Mark interrupt as managed (git-fixes).\n- iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes).\n- iommu/amd: Silence warnings under memory pressure (git-fixes).\n- iommu: Check if group is NULL before remove device (git-fixes).\n- kabi fix for pNFS: Fix the pnfs block driver\u0027s calculation of layoutget size (git-fixes).\n- kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi).\n- lan78xx: Add missing return code checks (git-fixes).\n- lan78xx: Add support to dump lan78xx registers (git-fixes).\n- lan78xx: Do not access skb_queue_head list pointers directly (git-fixes).\n- lan78xx: Fix exception on link speed change (git-fixes).\n- lan78xx: Fix partial packet errors on suspend/resume (git-fixes).\n- lan78xx: Fix race conditions in suspend/resume handling (git-fixes).\n- lan78xx: Fix white space and style issues (git-fixes).\n- lan78xx: Modify error messages (git-fixes).\n- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).\n- net/mlx5: Properly convey driver version to firmware (git-fixes).\n- net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes).\n- net: Fix features skip in for_each_netdev_feature() (git-fixes).\n- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).\n- net: atheros: switch from \u0027pci_\u0027 to \u0027dma_\u0027 API (git-fixes).\n- net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes).\n- net: lan78xx: Make declaration style consistent (git-fixes).\n- net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes).\n- net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).\n- net: lan78xx: remove set but not used variable \u0027event\u0027 (git-fixes).\n- net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes).\n- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).\n- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).\n- net: usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes).\n- net: usb: lan78xx: Remove lots of set but unused \u0027ret\u0027 variables (git-fixes).\n- nfs: Fix O_DIRECT commit verifier handling (git-fixes).\n- nfs: Fix O_DIRECT locking issues (git-fixes).\n- nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git-fixes).\n- nfs: Fix an off by one in root_nfs_cat() (git-fixes).\n- nfs: Fix direct WRITE throughput regression (git-fixes).\n- nfs: Fix error handling for O_DIRECT write scheduling (git-fixes).\n- nfs: More O_DIRECT accounting fixes for error paths (git-fixes).\n- nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).\n- nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).\n- nfs: commit errors should be fatal (git-fixes).\n- nfs: only issue commit in DIO codepath if we have uncommitted data (git-fixes).\n- nfsd: Fix error cleanup path in nfsd_rename() (git-fixes).\n- nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).\n- nfsd: Retransmit callbacks after client reconnects (git-fixes).\n- nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).\n- nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).\n- pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).\n- pci/aspm: Avoid link retraining race (git-fixes).\n- pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).\n- pci/aspm: Do not warn if already in common clock mode (git-fixes).\n- pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes).\n- pci/aspm: Reduce severity of common clock config message (git-fixes).\n- pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes).\n- pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).\n- pci/dpc: Print all TLP Prefixes, not just the first (git-fixes).\n- pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).\n- pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes).\n- pci/pm: Power up all devices during runtime resume (git-fixes).\n- pci/sysfs: Protect driver\u0027s D3cold preference from user space (git-fixes).\n- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n- pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).\n- pci: Add locking to RMW PCI Express Capability Register accessors (git-fixes).\n- pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes).\n- pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git-fixes).\n- pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).\n- pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).\n- pci: Rework pcie_retrain_link() wait loop (git-fixes).\n- pci: aardvark: Fix setting MSI address (git-fixes).\n- pci: aardvark: Fix support for MSI interrupts (git-fixes).\n- pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).\n- pci: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).\n- pci: hotplug: Allow marking devices as disconnected during bind/unbind (git-fixes).\n- pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes).\n- pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).\n- pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).\n- pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes).\n- pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).\n- pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes).\n- pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).\n- pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).\n- pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).\n- pnfs: Fix the pnfs block driver\u0027s calculation of layoutget size (git-fixes).\n- rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082)\n- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883).\n- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885).\n- s390/vtime: fix average steal time calculation (git-fixes bsc#1221953).\n- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).\n- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).\n- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).\n- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).\n- scsi: qla2xxx: Fix double free of fcport (bsc1221816).\n- scsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer (bsc1221816).\n- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).\n- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).\n- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).\n- scsi: qla2xxx: Update manufacturer detail (bsc1221816).\n- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).\n- sr9800: Add check for usbnet_get_endpoints (git-fixes).\n- sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).\n- sunrpc: fix a memleak in gss_import_v2_context (git-fixes).\n- sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).\n- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).\n- tun: honor IOCB_NOWAIT flag (git-fixes).\n- usb: dwc2: Fix memory leak in dwc2_hcd_init.\n- usb: dwc2: check return value after calling platform_get_resource() (git-fixes).\n- usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).\n- usb: gadget: Fix issue with config_ep_by_speed function (git-fixes).\n- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).\n- usb: musb: Modify the \u0027HWVers\u0027 register address (git-fixes).\n- usb: roles: do not get/set_role() when usb_role_switch is unregistered.\n- usb: serial: option: add Fibocom L7xx modules (git-fixes).\n- usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).\n- usb: storage: set 1.50 as the lower bcdDevice for older \u0027Super Top\u0027 compatibility (git-fixes).\n- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).\n- usb: usbfs: Do not WARN about excessively large memory allocations.\n- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).\n- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1646,SUSE-SLE-RT-12-SP5-2024-1646",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1646-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1646-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241646-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1646-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-May/035261.html"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1190317",
"url": "https://bugzilla.suse.com/1190317"
},
{
"category": "self",
"summary": "SUSE Bug 1190576",
"url": "https://bugzilla.suse.com/1190576"
},
{
"category": "self",
"summary": "SUSE Bug 1192145",
"url": "https://bugzilla.suse.com/1192145"
},
{
"category": "self",
"summary": "SUSE Bug 1194516",
"url": "https://bugzilla.suse.com/1194516"
},
{
"category": "self",
"summary": "SUSE Bug 1203935",
"url": "https://bugzilla.suse.com/1203935"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1211592",
"url": "https://bugzilla.suse.com/1211592"
},
{
"category": "self",
"summary": "SUSE Bug 1217339",
"url": "https://bugzilla.suse.com/1217339"
},
{
"category": "self",
"summary": "SUSE Bug 1217987",
"url": "https://bugzilla.suse.com/1217987"
},
{
"category": "self",
"summary": "SUSE Bug 1217988",
"url": "https://bugzilla.suse.com/1217988"
},
{
"category": "self",
"summary": "SUSE Bug 1217989",
"url": "https://bugzilla.suse.com/1217989"
},
{
"category": "self",
"summary": "SUSE Bug 1218220",
"url": "https://bugzilla.suse.com/1218220"
},
{
"category": "self",
"summary": "SUSE Bug 1218336",
"url": "https://bugzilla.suse.com/1218336"
},
{
"category": "self",
"summary": "SUSE Bug 1218479",
"url": "https://bugzilla.suse.com/1218479"
},
{
"category": "self",
"summary": "SUSE Bug 1218562",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "self",
"summary": "SUSE Bug 1219104",
"url": "https://bugzilla.suse.com/1219104"
},
{
"category": "self",
"summary": "SUSE Bug 1219169",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "self",
"summary": "SUSE Bug 1219170",
"url": "https://bugzilla.suse.com/1219170"
},
{
"category": "self",
"summary": "SUSE Bug 1219618",
"url": "https://bugzilla.suse.com/1219618"
},
{
"category": "self",
"summary": "SUSE Bug 1219623",
"url": "https://bugzilla.suse.com/1219623"
},
{
"category": "self",
"summary": "SUSE Bug 1219847",
"url": "https://bugzilla.suse.com/1219847"
},
{
"category": "self",
"summary": "SUSE Bug 1220320",
"url": "https://bugzilla.suse.com/1220320"
},
{
"category": "self",
"summary": "SUSE Bug 1220366",
"url": "https://bugzilla.suse.com/1220366"
},
{
"category": "self",
"summary": "SUSE Bug 1220394",
"url": "https://bugzilla.suse.com/1220394"
},
{
"category": "self",
"summary": "SUSE Bug 1220411",
"url": "https://bugzilla.suse.com/1220411"
},
{
"category": "self",
"summary": "SUSE Bug 1220413",
"url": "https://bugzilla.suse.com/1220413"
},
{
"category": "self",
"summary": "SUSE Bug 1220416",
"url": "https://bugzilla.suse.com/1220416"
},
{
"category": "self",
"summary": "SUSE Bug 1220418",
"url": "https://bugzilla.suse.com/1220418"
},
{
"category": "self",
"summary": "SUSE Bug 1220442",
"url": "https://bugzilla.suse.com/1220442"
},
{
"category": "self",
"summary": "SUSE Bug 1220445",
"url": "https://bugzilla.suse.com/1220445"
},
{
"category": "self",
"summary": "SUSE Bug 1220521",
"url": "https://bugzilla.suse.com/1220521"
},
{
"category": "self",
"summary": "SUSE Bug 1220528",
"url": "https://bugzilla.suse.com/1220528"
},
{
"category": "self",
"summary": "SUSE Bug 1220536",
"url": "https://bugzilla.suse.com/1220536"
},
{
"category": "self",
"summary": "SUSE Bug 1220538",
"url": "https://bugzilla.suse.com/1220538"
},
{
"category": "self",
"summary": "SUSE Bug 1220554",
"url": "https://bugzilla.suse.com/1220554"
},
{
"category": "self",
"summary": "SUSE Bug 1220572",
"url": "https://bugzilla.suse.com/1220572"
},
{
"category": "self",
"summary": "SUSE Bug 1220580",
"url": "https://bugzilla.suse.com/1220580"
},
{
"category": "self",
"summary": "SUSE Bug 1220611",
"url": "https://bugzilla.suse.com/1220611"
},
{
"category": "self",
"summary": "SUSE Bug 1220625",
"url": "https://bugzilla.suse.com/1220625"
},
{
"category": "self",
"summary": "SUSE Bug 1220628",
"url": "https://bugzilla.suse.com/1220628"
},
{
"category": "self",
"summary": "SUSE Bug 1220637",
"url": "https://bugzilla.suse.com/1220637"
},
{
"category": "self",
"summary": "SUSE Bug 1220640",
"url": "https://bugzilla.suse.com/1220640"
},
{
"category": "self",
"summary": "SUSE Bug 1220662",
"url": "https://bugzilla.suse.com/1220662"
},
{
"category": "self",
"summary": "SUSE Bug 1220687",
"url": "https://bugzilla.suse.com/1220687"
},
{
"category": "self",
"summary": "SUSE Bug 1220692",
"url": "https://bugzilla.suse.com/1220692"
},
{
"category": "self",
"summary": "SUSE Bug 1220703",
"url": "https://bugzilla.suse.com/1220703"
},
{
"category": "self",
"summary": "SUSE Bug 1220706",
"url": "https://bugzilla.suse.com/1220706"
},
{
"category": "self",
"summary": "SUSE Bug 1220739",
"url": "https://bugzilla.suse.com/1220739"
},
{
"category": "self",
"summary": "SUSE Bug 1220742",
"url": "https://bugzilla.suse.com/1220742"
},
{
"category": "self",
"summary": "SUSE Bug 1220743",
"url": "https://bugzilla.suse.com/1220743"
},
{
"category": "self",
"summary": "SUSE Bug 1220745",
"url": "https://bugzilla.suse.com/1220745"
},
{
"category": "self",
"summary": "SUSE Bug 1220751",
"url": "https://bugzilla.suse.com/1220751"
},
{
"category": "self",
"summary": "SUSE Bug 1220768",
"url": "https://bugzilla.suse.com/1220768"
},
{
"category": "self",
"summary": "SUSE Bug 1220769",
"url": "https://bugzilla.suse.com/1220769"
},
{
"category": "self",
"summary": "SUSE Bug 1220777",
"url": "https://bugzilla.suse.com/1220777"
},
{
"category": "self",
"summary": "SUSE Bug 1220790",
"url": "https://bugzilla.suse.com/1220790"
},
{
"category": "self",
"summary": "SUSE Bug 1220794",
"url": "https://bugzilla.suse.com/1220794"
},
{
"category": "self",
"summary": "SUSE Bug 1220829",
"url": "https://bugzilla.suse.com/1220829"
},
{
"category": "self",
"summary": "SUSE Bug 1220836",
"url": "https://bugzilla.suse.com/1220836"
},
{
"category": "self",
"summary": "SUSE Bug 1220843",
"url": "https://bugzilla.suse.com/1220843"
},
{
"category": "self",
"summary": "SUSE Bug 1220846",
"url": "https://bugzilla.suse.com/1220846"
},
{
"category": "self",
"summary": "SUSE Bug 1220850",
"url": "https://bugzilla.suse.com/1220850"
},
{
"category": "self",
"summary": "SUSE Bug 1220871",
"url": "https://bugzilla.suse.com/1220871"
},
{
"category": "self",
"summary": "SUSE Bug 1220927",
"url": "https://bugzilla.suse.com/1220927"
},
{
"category": "self",
"summary": "SUSE Bug 1220960",
"url": "https://bugzilla.suse.com/1220960"
},
{
"category": "self",
"summary": "SUSE Bug 1220985",
"url": "https://bugzilla.suse.com/1220985"
},
{
"category": "self",
"summary": "SUSE Bug 1220987",
"url": "https://bugzilla.suse.com/1220987"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221046",
"url": "https://bugzilla.suse.com/1221046"
},
{
"category": "self",
"summary": "SUSE Bug 1221048",
"url": "https://bugzilla.suse.com/1221048"
},
{
"category": "self",
"summary": "SUSE Bug 1221058",
"url": "https://bugzilla.suse.com/1221058"
},
{
"category": "self",
"summary": "SUSE Bug 1221060",
"url": "https://bugzilla.suse.com/1221060"
},
{
"category": "self",
"summary": "SUSE Bug 1221061",
"url": "https://bugzilla.suse.com/1221061"
},
{
"category": "self",
"summary": "SUSE Bug 1221077",
"url": "https://bugzilla.suse.com/1221077"
},
{
"category": "self",
"summary": "SUSE Bug 1221082",
"url": "https://bugzilla.suse.com/1221082"
},
{
"category": "self",
"summary": "SUSE Bug 1221088",
"url": "https://bugzilla.suse.com/1221088"
},
{
"category": "self",
"summary": "SUSE Bug 1221162",
"url": "https://bugzilla.suse.com/1221162"
},
{
"category": "self",
"summary": "SUSE Bug 1221277",
"url": "https://bugzilla.suse.com/1221277"
},
{
"category": "self",
"summary": "SUSE Bug 1221293",
"url": "https://bugzilla.suse.com/1221293"
},
{
"category": "self",
"summary": "SUSE Bug 1221337",
"url": "https://bugzilla.suse.com/1221337"
},
{
"category": "self",
"summary": "SUSE Bug 1221532",
"url": "https://bugzilla.suse.com/1221532"
},
{
"category": "self",
"summary": "SUSE Bug 1221541",
"url": "https://bugzilla.suse.com/1221541"
},
{
"category": "self",
"summary": "SUSE Bug 1221548",
"url": "https://bugzilla.suse.com/1221548"
},
{
"category": "self",
"summary": "SUSE Bug 1221575",
"url": "https://bugzilla.suse.com/1221575"
},
{
"category": "self",
"summary": "SUSE Bug 1221605",
"url": "https://bugzilla.suse.com/1221605"
},
{
"category": "self",
"summary": "SUSE Bug 1221608",
"url": "https://bugzilla.suse.com/1221608"
},
{
"category": "self",
"summary": "SUSE Bug 1221617",
"url": "https://bugzilla.suse.com/1221617"
},
{
"category": "self",
"summary": "SUSE Bug 1221791",
"url": "https://bugzilla.suse.com/1221791"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1221825",
"url": "https://bugzilla.suse.com/1221825"
},
{
"category": "self",
"summary": "SUSE Bug 1221830",
"url": "https://bugzilla.suse.com/1221830"
},
{
"category": "self",
"summary": "SUSE Bug 1221862",
"url": "https://bugzilla.suse.com/1221862"
},
{
"category": "self",
"summary": "SUSE Bug 1221934",
"url": "https://bugzilla.suse.com/1221934"
},
{
"category": "self",
"summary": "SUSE Bug 1221949",
"url": "https://bugzilla.suse.com/1221949"
},
{
"category": "self",
"summary": "SUSE Bug 1221952",
"url": "https://bugzilla.suse.com/1221952"
},
{
"category": "self",
"summary": "SUSE Bug 1221953",
"url": "https://bugzilla.suse.com/1221953"
},
{
"category": "self",
"summary": "SUSE Bug 1221965",
"url": "https://bugzilla.suse.com/1221965"
},
{
"category": "self",
"summary": "SUSE Bug 1221966",
"url": "https://bugzilla.suse.com/1221966"
},
{
"category": "self",
"summary": "SUSE Bug 1221967",
"url": "https://bugzilla.suse.com/1221967"
},
{
"category": "self",
"summary": "SUSE Bug 1221969",
"url": "https://bugzilla.suse.com/1221969"
},
{
"category": "self",
"summary": "SUSE Bug 1221972",
"url": "https://bugzilla.suse.com/1221972"
},
{
"category": "self",
"summary": "SUSE Bug 1221973",
"url": "https://bugzilla.suse.com/1221973"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1221979",
"url": "https://bugzilla.suse.com/1221979"
},
{
"category": "self",
"summary": "SUSE Bug 1221988",
"url": "https://bugzilla.suse.com/1221988"
},
{
"category": "self",
"summary": "SUSE Bug 1221991",
"url": "https://bugzilla.suse.com/1221991"
},
{
"category": "self",
"summary": "SUSE Bug 1221993",
"url": "https://bugzilla.suse.com/1221993"
},
{
"category": "self",
"summary": "SUSE Bug 1221994",
"url": "https://bugzilla.suse.com/1221994"
},
{
"category": "self",
"summary": "SUSE Bug 1221997",
"url": "https://bugzilla.suse.com/1221997"
},
{
"category": "self",
"summary": "SUSE Bug 1221998",
"url": "https://bugzilla.suse.com/1221998"
},
{
"category": "self",
"summary": "SUSE Bug 1221999",
"url": "https://bugzilla.suse.com/1221999"
},
{
"category": "self",
"summary": "SUSE Bug 1222000",
"url": "https://bugzilla.suse.com/1222000"
},
{
"category": "self",
"summary": "SUSE Bug 1222001",
"url": "https://bugzilla.suse.com/1222001"
},
{
"category": "self",
"summary": "SUSE Bug 1222002",
"url": "https://bugzilla.suse.com/1222002"
},
{
"category": "self",
"summary": "SUSE Bug 1222117",
"url": "https://bugzilla.suse.com/1222117"
},
{
"category": "self",
"summary": "SUSE Bug 1222294",
"url": "https://bugzilla.suse.com/1222294"
},
{
"category": "self",
"summary": "SUSE Bug 1222300",
"url": "https://bugzilla.suse.com/1222300"
},
{
"category": "self",
"summary": "SUSE Bug 1222357",
"url": "https://bugzilla.suse.com/1222357"
},
{
"category": "self",
"summary": "SUSE Bug 1222379",
"url": "https://bugzilla.suse.com/1222379"
},
{
"category": "self",
"summary": "SUSE Bug 1222422",
"url": "https://bugzilla.suse.com/1222422"
},
{
"category": "self",
"summary": "SUSE Bug 1222428",
"url": "https://bugzilla.suse.com/1222428"
},
{
"category": "self",
"summary": "SUSE Bug 1222449",
"url": "https://bugzilla.suse.com/1222449"
},
{
"category": "self",
"summary": "SUSE Bug 1222503",
"url": "https://bugzilla.suse.com/1222503"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222585",
"url": "https://bugzilla.suse.com/1222585"
},
{
"category": "self",
"summary": "SUSE Bug 1222609",
"url": "https://bugzilla.suse.com/1222609"
},
{
"category": "self",
"summary": "SUSE Bug 1222610",
"url": "https://bugzilla.suse.com/1222610"
},
{
"category": "self",
"summary": "SUSE Bug 1222613",
"url": "https://bugzilla.suse.com/1222613"
},
{
"category": "self",
"summary": "SUSE Bug 1222618",
"url": "https://bugzilla.suse.com/1222618"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222624",
"url": "https://bugzilla.suse.com/1222624"
},
{
"category": "self",
"summary": "SUSE Bug 1222630",
"url": "https://bugzilla.suse.com/1222630"
},
{
"category": "self",
"summary": "SUSE Bug 1222632",
"url": "https://bugzilla.suse.com/1222632"
},
{
"category": "self",
"summary": "SUSE Bug 1222660",
"url": "https://bugzilla.suse.com/1222660"
},
{
"category": "self",
"summary": "SUSE Bug 1222662",
"url": "https://bugzilla.suse.com/1222662"
},
{
"category": "self",
"summary": "SUSE Bug 1222664",
"url": "https://bugzilla.suse.com/1222664"
},
{
"category": "self",
"summary": "SUSE Bug 1222666",
"url": "https://bugzilla.suse.com/1222666"
},
{
"category": "self",
"summary": "SUSE Bug 1222669",
"url": "https://bugzilla.suse.com/1222669"
},
{
"category": "self",
"summary": "SUSE Bug 1222671",
"url": "https://bugzilla.suse.com/1222671"
},
{
"category": "self",
"summary": "SUSE Bug 1222677",
"url": "https://bugzilla.suse.com/1222677"
},
{
"category": "self",
"summary": "SUSE Bug 1222706",
"url": "https://bugzilla.suse.com/1222706"
},
{
"category": "self",
"summary": "SUSE Bug 1222720",
"url": "https://bugzilla.suse.com/1222720"
},
{
"category": "self",
"summary": "SUSE Bug 1222765",
"url": "https://bugzilla.suse.com/1222765"
},
{
"category": "self",
"summary": "SUSE Bug 1222770",
"url": "https://bugzilla.suse.com/1222770"
},
{
"category": "self",
"summary": "SUSE Bug 1222772",
"url": "https://bugzilla.suse.com/1222772"
},
{
"category": "self",
"summary": "SUSE Bug 1222787",
"url": "https://bugzilla.suse.com/1222787"
},
{
"category": "self",
"summary": "SUSE Bug 1222790",
"url": "https://bugzilla.suse.com/1222790"
},
{
"category": "self",
"summary": "SUSE Bug 1222812",
"url": "https://bugzilla.suse.com/1222812"
},
{
"category": "self",
"summary": "SUSE Bug 1222836",
"url": "https://bugzilla.suse.com/1222836"
},
{
"category": "self",
"summary": "SUSE Bug 1222869",
"url": "https://bugzilla.suse.com/1222869"
},
{
"category": "self",
"summary": "SUSE Bug 1222876",
"url": "https://bugzilla.suse.com/1222876"
},
{
"category": "self",
"summary": "SUSE Bug 1222878",
"url": "https://bugzilla.suse.com/1222878"
},
{
"category": "self",
"summary": "SUSE Bug 1222881",
"url": "https://bugzilla.suse.com/1222881"
},
{
"category": "self",
"summary": "SUSE Bug 1222883",
"url": "https://bugzilla.suse.com/1222883"
},
{
"category": "self",
"summary": "SUSE Bug 1222888",
"url": "https://bugzilla.suse.com/1222888"
},
{
"category": "self",
"summary": "SUSE Bug 1222961",
"url": "https://bugzilla.suse.com/1222961"
},
{
"category": "self",
"summary": "SUSE Bug 1222975",
"url": "https://bugzilla.suse.com/1222975"
},
{
"category": "self",
"summary": "SUSE Bug 1222976",
"url": "https://bugzilla.suse.com/1222976"
},
{
"category": "self",
"summary": "SUSE Bug 1223016",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "self",
"summary": "SUSE Bug 1223035",
"url": "https://bugzilla.suse.com/1223035"
},
{
"category": "self",
"summary": "SUSE Bug 1223049",
"url": "https://bugzilla.suse.com/1223049"
},
{
"category": "self",
"summary": "SUSE Bug 1223051",
"url": "https://bugzilla.suse.com/1223051"
},
{
"category": "self",
"summary": "SUSE Bug 1223057",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "self",
"summary": "SUSE Bug 1223058",
"url": "https://bugzilla.suse.com/1223058"
},
{
"category": "self",
"summary": "SUSE Bug 1223060",
"url": "https://bugzilla.suse.com/1223060"
},
{
"category": "self",
"summary": "SUSE Bug 1223187",
"url": "https://bugzilla.suse.com/1223187"
},
{
"category": "self",
"summary": "SUSE Bug 1223189",
"url": "https://bugzilla.suse.com/1223189"
},
{
"category": "self",
"summary": "SUSE Bug 1223198",
"url": "https://bugzilla.suse.com/1223198"
},
{
"category": "self",
"summary": "SUSE Bug 1223203",
"url": "https://bugzilla.suse.com/1223203"
},
{
"category": "self",
"summary": "SUSE Bug 1223315",
"url": "https://bugzilla.suse.com/1223315"
},
{
"category": "self",
"summary": "SUSE Bug 1223432",
"url": "https://bugzilla.suse.com/1223432"
},
{
"category": "self",
"summary": "SUSE Bug 1223509",
"url": "https://bugzilla.suse.com/1223509"
},
{
"category": "self",
"summary": "SUSE Bug 1223512",
"url": "https://bugzilla.suse.com/1223512"
},
{
"category": "self",
"summary": "SUSE Bug 1223513",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "self",
"summary": "SUSE Bug 1223516",
"url": "https://bugzilla.suse.com/1223516"
},
{
"category": "self",
"summary": "SUSE Bug 1223518",
"url": "https://bugzilla.suse.com/1223518"
},
{
"category": "self",
"summary": "SUSE Bug 1223626",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "self",
"summary": "SUSE Bug 1223627",
"url": "https://bugzilla.suse.com/1223627"
},
{
"category": "self",
"summary": "SUSE Bug 1223664",
"url": "https://bugzilla.suse.com/1223664"
},
{
"category": "self",
"summary": "SUSE Bug 1223686",
"url": "https://bugzilla.suse.com/1223686"
},
{
"category": "self",
"summary": "SUSE Bug 1223693",
"url": "https://bugzilla.suse.com/1223693"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223715",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "self",
"summary": "SUSE Bug 1223735",
"url": "https://bugzilla.suse.com/1223735"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223745",
"url": "https://bugzilla.suse.com/1223745"
},
{
"category": "self",
"summary": "SUSE Bug 1223770",
"url": "https://bugzilla.suse.com/1223770"
},
{
"category": "self",
"summary": "SUSE Bug 1223781",
"url": "https://bugzilla.suse.com/1223781"
},
{
"category": "self",
"summary": "SUSE Bug 1223819",
"url": "https://bugzilla.suse.com/1223819"
},
{
"category": "self",
"summary": "SUSE Bug 1223824",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "self",
"summary": "SUSE Bug 1223827",
"url": "https://bugzilla.suse.com/1223827"
},
{
"category": "self",
"summary": "SUSE Bug 1223837",
"url": "https://bugzilla.suse.com/1223837"
},
{
"category": "self",
"summary": "SUSE Bug 1223842",
"url": "https://bugzilla.suse.com/1223842"
},
{
"category": "self",
"summary": "SUSE Bug 1223843",
"url": "https://bugzilla.suse.com/1223843"
},
{
"category": "self",
"summary": "SUSE Bug 1223844",
"url": "https://bugzilla.suse.com/1223844"
},
{
"category": "self",
"summary": "SUSE Bug 1223883",
"url": "https://bugzilla.suse.com/1223883"
},
{
"category": "self",
"summary": "SUSE Bug 1223885",
"url": "https://bugzilla.suse.com/1223885"
},
{
"category": "self",
"summary": "SUSE Bug 1223921",
"url": "https://bugzilla.suse.com/1223921"
},
{
"category": "self",
"summary": "SUSE Bug 1223941",
"url": "https://bugzilla.suse.com/1223941"
},
{
"category": "self",
"summary": "SUSE Bug 1223952",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "self",
"summary": "SUSE Bug 1223953",
"url": "https://bugzilla.suse.com/1223953"
},
{
"category": "self",
"summary": "SUSE Bug 1223954",
"url": "https://bugzilla.suse.com/1223954"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-25160 page",
"url": "https://www.suse.com/security/cve/CVE-2019-25160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46904 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46905 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46938 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46939 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46941 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46950 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46958 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46960 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46963 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46964 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46966 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46981 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46988 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46990 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46998 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47006 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47015 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47024 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47034 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47045 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47049 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47055 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47056 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47060 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47061 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47063 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47068 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47070 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47071 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47073 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47100 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47101 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47104 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47110 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47112 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47114 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47117 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47118 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47119 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47141 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47142 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47143 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47146 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47149 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47150 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47153 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47159 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47161 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47165 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47166 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47167 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47168 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47169 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47171 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47173 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47177 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47179 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47180 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47181 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47182 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47183 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47184 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47185 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47188 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47189 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47198 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47202 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47204 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47205 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47207 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47211 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47216 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47217 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0487 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48619 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48626 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48636 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48650 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48651 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48667 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48668 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48687 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48688 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48695 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48701 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52454 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52469 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52470 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52474 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52476 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52477 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52486 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52488 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52509 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52524 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52528 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52575 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52583 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52587 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52595 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52598 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52607 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52607/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52614 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52620 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52628 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52635 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52639 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52644 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52646 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52650 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52652 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6356 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6535 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6536 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7192 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2201 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-22099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-22099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26642 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26651 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26671 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26675 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26689 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26704 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26743 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26744 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26747 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26754 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26771 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26772 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26773 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26778 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26779 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26793 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26816 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26839 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26859 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26907 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27043 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27046 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27075 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-05-14T14:30:34Z",
"generator": {
"date": "2024-05-14T14:30:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1646-1",
"initial_release_date": "2024-05-14T14:30:34Z",
"revision_history": [
{
"date": "2024-05-14T14:30:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.182.1.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.182.1.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.182.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.182.1.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.182.1.noarch",
"product_id": "kernel-source-rt-4.12.14-10.182.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.182.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.182.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.182.1.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.182.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.182.1.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.182.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.182.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.182.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.182.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.182.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.182.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.182.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-25160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: fix out-of-bounds memory accesses\n\nThere are two array out-of-bounds memory accesses, one in\ncipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both\nerrors are embarassingly simple, and the fixes are straightforward.\n\nAs a FYI for anyone backporting this patch to kernels prior to v4.8,\nyou\u0027ll want to apply the netlbl_bitmap_walk() patch to\ncipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn\u0027t exist before\nLinux v4.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-25160",
"url": "https://www.suse.com/security/cve/CVE-2019-25160"
},
{
"category": "external",
"summary": "SUSE Bug 1220394 for CVE-2019-25160",
"url": "https://bugzilla.suse.com/1220394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2019-25160"
},
{
"cve": "CVE-2021-46904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hso: fix null-ptr-deref during tty device unregistration\n\nMultiple ttys try to claim the same the minor number causing a double\nunregistration of the same device. The first unregistration succeeds\nbut the next one results in a null-ptr-deref.\n\nThe get_free_serial_index() function returns an available minor number\nbut doesn\u0027t assign it immediately. The assignment is done by the caller\nlater. But before this assignment, calls to get_free_serial_index()\nwould return the same minor number.\n\nFix this by modifying get_free_serial_index to assign the minor number\nimmediately after one is found to be and rename it to obtain_minor()\nto better reflect what it does. Similary, rename set_serial_by_index()\nto release_minor() and modify it to free up the minor number of the\ngiven hso_serial. Every obtain_minor() should have corresponding\nrelease_minor() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46904",
"url": "https://www.suse.com/security/cve/CVE-2021-46904"
},
{
"category": "external",
"summary": "SUSE Bug 1220416 for CVE-2021-46904",
"url": "https://bugzilla.suse.com/1220416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46904"
},
{
"cve": "CVE-2021-46905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hso: fix NULL-deref on disconnect regression\n\nCommit 8a12f8836145 (\"net: hso: fix null-ptr-deref during tty device\nunregistration\") fixed the racy minor allocation reported by syzbot, but\nintroduced an unconditional NULL-pointer dereference on every disconnect\ninstead.\n\nSpecifically, the serial device table must no longer be accessed after\nthe minor has been released by hso_serial_tty_unregister().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46905",
"url": "https://www.suse.com/security/cve/CVE-2021-46905"
},
{
"category": "external",
"summary": "SUSE Bug 1220418 for CVE-2021-46905",
"url": "https://bugzilla.suse.com/1220418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46905"
},
{
"cve": "CVE-2021-46909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: footbridge: fix PCI interrupt mapping\n\nSince commit 30fdfb929e82 (\"PCI: Add a call to pci_assign_irq() in\npci_device_probe()\"), the PCI code will call the IRQ mapping function\nwhenever a PCI driver is probed. If these are marked as __init, this\ncauses an oops if a PCI driver is loaded or bound after the kernel has\ninitialised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46909",
"url": "https://www.suse.com/security/cve/CVE-2021-46909"
},
{
"category": "external",
"summary": "SUSE Bug 1220442 for CVE-2021-46909",
"url": "https://bugzilla.suse.com/1220442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46909"
},
{
"cve": "CVE-2021-46938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm rq: fix double free of blk_mq_tag_set in dev remove after table load fails\n\nWhen loading a device-mapper table for a request-based mapped device,\nand the allocation/initialization of the blk_mq_tag_set for the device\nfails, a following device remove will cause a double free.\n\nE.g. (dmesg):\n device-mapper: core: Cannot initialize queue for request-based dm-mq mapped device\n device-mapper: ioctl: unable to set up device queue for new table.\n Unable to handle kernel pointer dereference in virtual kernel address space\n Failing address: 0305e098835de000 TEID: 0305e098835de803\n Fault in home space mode while using kernel ASCE.\n AS:000000025efe0007 R3:0000000000000024\n Oops: 0038 ilc:3 [#1] SMP\n Modules linked in: ... lots of modules ...\n Supported: Yes, External\n CPU: 0 PID: 7348 Comm: multipathd Kdump: loaded Tainted: G W X 5.3.18-53-default #1 SLE15-SP3\n Hardware name: IBM 8561 T01 7I2 (LPAR)\n Krnl PSW : 0704e00180000000 000000025e368eca (kfree+0x42/0x330)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\n Krnl GPRS: 000000000000004a 000000025efe5230 c1773200d779968d 0000000000000000\n 000000025e520270 000000025e8d1b40 0000000000000003 00000007aae10000\n 000000025e5202a2 0000000000000001 c1773200d779968d 0305e098835de640\n 00000007a8170000 000003ff80138650 000000025e5202a2 000003e00396faa8\n Krnl Code: 000000025e368eb8: c4180041e100 lgrl %r1,25eba50b8\n 000000025e368ebe: ecba06b93a55 risbg %r11,%r10,6,185,58\n #000000025e368ec4: e3b010000008 ag %r11,0(%r1)\n \u003e000000025e368eca: e310b0080004 lg %r1,8(%r11)\n 000000025e368ed0: a7110001 tmll %r1,1\n 000000025e368ed4: a7740129 brc 7,25e369126\n 000000025e368ed8: e320b0080004 lg %r2,8(%r11)\n 000000025e368ede: b904001b lgr %r1,%r11\n Call Trace:\n [\u003c000000025e368eca\u003e] kfree+0x42/0x330\n [\u003c000000025e5202a2\u003e] blk_mq_free_tag_set+0x72/0xb8\n [\u003c000003ff801316a8\u003e] dm_mq_cleanup_mapped_device+0x38/0x50 [dm_mod]\n [\u003c000003ff80120082\u003e] free_dev+0x52/0xd0 [dm_mod]\n [\u003c000003ff801233f0\u003e] __dm_destroy+0x150/0x1d0 [dm_mod]\n [\u003c000003ff8012bb9a\u003e] dev_remove+0x162/0x1c0 [dm_mod]\n [\u003c000003ff8012a988\u003e] ctl_ioctl+0x198/0x478 [dm_mod]\n [\u003c000003ff8012ac8a\u003e] dm_ctl_ioctl+0x22/0x38 [dm_mod]\n [\u003c000000025e3b11ee\u003e] ksys_ioctl+0xbe/0xe0\n [\u003c000000025e3b127a\u003e] __s390x_sys_ioctl+0x2a/0x40\n [\u003c000000025e8c15ac\u003e] system_call+0xd8/0x2c8\n Last Breaking-Event-Address:\n [\u003c000000025e52029c\u003e] blk_mq_free_tag_set+0x6c/0xb8\n Kernel panic - not syncing: Fatal exception: panic_on_oops\n\nWhen allocation/initialization of the blk_mq_tag_set fails in\ndm_mq_init_request_queue(), it is uninitialized/freed, but the pointer\nis not reset to NULL; so when dev_remove() later gets into\ndm_mq_cleanup_mapped_device() it sees the pointer and tries to\nuninitialize and free it again.\n\nFix this by setting the pointer to NULL in dm_mq_init_request_queue()\nerror-handling. Also set it to NULL in dm_mq_cleanup_mapped_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46938",
"url": "https://www.suse.com/security/cve/CVE-2021-46938"
},
{
"category": "external",
"summary": "SUSE Bug 1220554 for CVE-2021-46938",
"url": "https://bugzilla.suse.com/1220554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46938"
},
{
"cve": "CVE-2021-46939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46939"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Restructure trace_clock_global() to never block\n\nIt was reported that a fix to the ring buffer recursion detection would\ncause a hung machine when performing suspend / resume testing. The\nfollowing backtrace was extracted from debugging that case:\n\nCall Trace:\n trace_clock_global+0x91/0xa0\n __rb_reserve_next+0x237/0x460\n ring_buffer_lock_reserve+0x12a/0x3f0\n trace_buffer_lock_reserve+0x10/0x50\n __trace_graph_return+0x1f/0x80\n trace_graph_return+0xb7/0xf0\n ? trace_clock_global+0x91/0xa0\n ftrace_return_to_handler+0x8b/0xf0\n ? pv_hash+0xa0/0xa0\n return_to_handler+0x15/0x30\n ? ftrace_graph_caller+0xa0/0xa0\n ? trace_clock_global+0x91/0xa0\n ? __rb_reserve_next+0x237/0x460\n ? ring_buffer_lock_reserve+0x12a/0x3f0\n ? trace_event_buffer_lock_reserve+0x3c/0x120\n ? trace_event_buffer_reserve+0x6b/0xc0\n ? trace_event_raw_event_device_pm_callback_start+0x125/0x2d0\n ? dpm_run_callback+0x3b/0xc0\n ? pm_ops_is_empty+0x50/0x50\n ? platform_get_irq_byname_optional+0x90/0x90\n ? trace_device_pm_callback_start+0x82/0xd0\n ? dpm_run_callback+0x49/0xc0\n\nWith the following RIP:\n\nRIP: 0010:native_queued_spin_lock_slowpath+0x69/0x200\n\nSince the fix to the recursion detection would allow a single recursion to\nhappen while tracing, this lead to the trace_clock_global() taking a spin\nlock and then trying to take it again:\n\nring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* lock taken */\n (something else gets traced by function graph tracer)\n ring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* DEAD LOCK! */\n\nTracing should *never* block, as it can lead to strange lockups like the\nabove.\n\nRestructure the trace_clock_global() code to instead of simply taking a\nlock to update the recorded \"prev_time\" simply use it, as two events\nhappening on two different CPUs that calls this at the same time, really\ndoesn\u0027t matter which one goes first. Use a trylock to grab the lock for\nupdating the prev_time, and if it fails, simply try again the next time.\nIf it failed to be taken, that means something else is already updating\nit.\n\n\nBugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=212761",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46939",
"url": "https://www.suse.com/security/cve/CVE-2021-46939"
},
{
"category": "external",
"summary": "SUSE Bug 1220580 for CVE-2021-46939",
"url": "https://bugzilla.suse.com/1220580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46939"
},
{
"cve": "CVE-2021-46941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: core: Do core softreset when switch mode\n\n\nAccording to the programming guide, to switch mode for DRD controller,\nthe driver needs to do the following.\n\nTo switch from device to host:\n1. Reset controller with GCTL.CoreSoftReset\n2. Set GCTL.PrtCapDir(host mode)\n3. Reset the host with USBCMD.HCRESET\n4. Then follow up with the initializing host registers sequence\n\nTo switch from host to device:\n1. Reset controller with GCTL.CoreSoftReset\n2. Set GCTL.PrtCapDir(device mode)\n3. Reset the device with DCTL.CSftRst\n4. Then follow up with the initializing registers sequence\n\nCurrently we\u0027re missing step 1) to do GCTL.CoreSoftReset and step 3) of\nswitching from host to device. John Stult reported a lockup issue seen\nwith HiKey960 platform without these steps[1]. Similar issue is observed\nwith Ferry\u0027s testing platform[2].\n\nSo, apply the required steps along with some fixes to Yu Chen\u0027s and John\nStultz\u0027s version. The main fixes to their versions are the missing wait\nfor clocks synchronization before clearing GCTL.CoreSoftReset and only\napply DCTL.CSftRst when switching from host to device.\n\n[1] https://lore.kernel.org/linux-usb/20210108015115.27920-1-john.stultz@linaro.org/\n[2] https://lore.kernel.org/linux-usb/0ba7a6ba-e6a7-9cd4-0695-64fc927e01f1@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46941",
"url": "https://www.suse.com/security/cve/CVE-2021-46941"
},
{
"category": "external",
"summary": "SUSE Bug 1220628 for CVE-2021-46941",
"url": "https://bugzilla.suse.com/1220628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46941"
},
{
"cve": "CVE-2021-46950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: properly indicate failure when ending a failed write request\n\nThis patch addresses a data corruption bug in raid1 arrays using bitmaps.\nWithout this fix, the bitmap bits for the failed I/O end up being cleared.\n\nSince we are in the failure leg of raid1_end_write_request, the request\neither needs to be retried (R1BIO_WriteError) or failed (R1BIO_Degraded).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46950",
"url": "https://www.suse.com/security/cve/CVE-2021-46950"
},
{
"category": "external",
"summary": "SUSE Bug 1220662 for CVE-2021-46950",
"url": "https://bugzilla.suse.com/1220662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46950"
},
{
"cve": "CVE-2021-46958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between transaction aborts and fsyncs leading to use-after-free\n\nThere is a race between a task aborting a transaction during a commit,\na task doing an fsync and the transaction kthread, which leads to an\nuse-after-free of the log root tree. When this happens, it results in a\nstack trace like the following:\n\n BTRFS info (device dm-0): forced readonly\n BTRFS warning (device dm-0): Skipping commit of aborted transaction.\n BTRFS: error (device dm-0) in cleanup_transaction:1958: errno=-5 IO failure\n BTRFS warning (device dm-0): lost page write due to IO error on /dev/mapper/error-test (-5)\n BTRFS warning (device dm-0): Skipping commit of aborted transaction.\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0xa4e8 len 4096 err no 10\n BTRFS error (device dm-0): error writing primary super block to device 1\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e000 len 4096 err no 10\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e008 len 4096 err no 10\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e010 len 4096 err no 10\n BTRFS: error (device dm-0) in write_all_supers:4110: errno=-5 IO failure (1 errors while writing supers)\n BTRFS: error (device dm-0) in btrfs_sync_log:3308: errno=-5 IO failure\n general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b68: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC PTI\n CPU: 2 PID: 2458471 Comm: fsstress Not tainted 5.12.0-rc5-btrfs-next-84 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__mutex_lock+0x139/0xa40\n Code: c0 74 19 (...)\n RSP: 0018:ffff9f18830d7b00 EFLAGS: 00010202\n RAX: 6b6b6b6b6b6b6b68 RBX: 0000000000000001 RCX: 0000000000000002\n RDX: ffffffffb9c54d13 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffff9f18830d7bc0 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff9f18830d7be0 R11: 0000000000000001 R12: ffff8c6cd199c040\n R13: ffff8c6c95821358 R14: 00000000fffffffb R15: ffff8c6cbcf01358\n FS: 00007fa9140c2b80(0000) GS:ffff8c6fac600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fa913d52000 CR3: 000000013d2b4003 CR4: 0000000000370ee0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n ? __btrfs_handle_fs_error+0xde/0x146 [btrfs]\n ? btrfs_sync_log+0x7c1/0xf20 [btrfs]\n ? btrfs_sync_log+0x7c1/0xf20 [btrfs]\n btrfs_sync_log+0x7c1/0xf20 [btrfs]\n btrfs_sync_file+0x40c/0x580 [btrfs]\n do_fsync+0x38/0x70\n __x64_sys_fsync+0x10/0x20\n do_syscall_64+0x33/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7fa9142a55c3\n Code: 8b 15 09 (...)\n RSP: 002b:00007fff26278d48 EFLAGS: 00000246 ORIG_RAX: 000000000000004a\n RAX: ffffffffffffffda RBX: 0000563c83cb4560 RCX: 00007fa9142a55c3\n RDX: 00007fff26278cb0 RSI: 00007fff26278cb0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 0000000000000001 R09: 00007fff26278d5c\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000340\n R13: 00007fff26278de0 R14: 00007fff26278d96 R15: 0000563c83ca57c0\n Modules linked in: btrfs dm_zero dm_snapshot dm_thin_pool (...)\n ---[ end trace ee2f1b19327d791d ]---\n\nThe steps that lead to this crash are the following:\n\n1) We are at transaction N;\n\n2) We have two tasks with a transaction handle attached to transaction N.\n Task A and Task B. Task B is doing an fsync;\n\n3) Task B is at btrfs_sync_log(), and has saved fs_info-\u003elog_root_tree\n into a local variable named \u0027log_root_tree\u0027 at the top of\n btrfs_sync_log(). Task B is about to call write_all_supers(), but\n before that...\n\n4) Task A calls btrfs_commit_transaction(), and after it sets the\n transaction state to TRANS_STATE_COMMIT_START, an error happens before\n it w\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46958",
"url": "https://www.suse.com/security/cve/CVE-2021-46958"
},
{
"category": "external",
"summary": "SUSE Bug 1220521 for CVE-2021-46958",
"url": "https://bugzilla.suse.com/1220521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46958"
},
{
"cve": "CVE-2021-46960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Return correct error code from smb2_get_enc_key\n\nAvoid a warning if the error percolates back up:\n\n[440700.376476] CIFS VFS: \\\\otters.example.com crypt_message: Could not get encryption key\n[440700.386947] ------------[ cut here ]------------\n[440700.386948] err = 1\n[440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70\n...\n[440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu\n...\n[440700.397334] Call Trace:\n[440700.397346] __filemap_set_wb_err+0x1a/0x70\n[440700.397419] cifs_writepages+0x9c7/0xb30 [cifs]\n[440700.397426] do_writepages+0x4b/0xe0\n[440700.397444] __filemap_fdatawrite_range+0xcb/0x100\n[440700.397455] filemap_write_and_wait+0x42/0xa0\n[440700.397486] cifs_setattr+0x68b/0xf30 [cifs]\n[440700.397493] notify_change+0x358/0x4a0\n[440700.397500] utimes_common+0xe9/0x1c0\n[440700.397510] do_utimes+0xc5/0x150\n[440700.397520] __x64_sys_utimensat+0x88/0xd0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46960",
"url": "https://www.suse.com/security/cve/CVE-2021-46960"
},
{
"category": "external",
"summary": "SUSE Bug 1220528 for CVE-2021-46960",
"url": "https://bugzilla.suse.com/1220528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46960"
},
{
"cve": "CVE-2021-46963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()\n\n RIP: 0010:kmem_cache_free+0xfa/0x1b0\n Call Trace:\n qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx]\n scsi_queue_rq+0x5e2/0xa40\n __blk_mq_try_issue_directly+0x128/0x1d0\n blk_mq_request_issue_directly+0x4e/0xb0\n\nFix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now\nallocated by upper layers. This fixes smatch warning of srb unintended\nfree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46963",
"url": "https://www.suse.com/security/cve/CVE-2021-46963"
},
{
"category": "external",
"summary": "SUSE Bug 1220536 for CVE-2021-46963",
"url": "https://bugzilla.suse.com/1220536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46963"
},
{
"cve": "CVE-2021-46964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Reserve extra IRQ vectors\n\nCommit a6dcfe08487e (\"scsi: qla2xxx: Limit interrupt vectors to number of\nCPUs\") lowers the number of allocated MSI-X vectors to the number of CPUs.\n\nThat breaks vector allocation assumptions in qla83xx_iospace_config(),\nqla24xx_enable_msix() and qla2x00_iospace_config(). Either of the functions\ncomputes maximum number of qpairs as:\n\n ha-\u003emax_qpairs = ha-\u003emsix_count - 1 (MB interrupt) - 1 (default\n response queue) - 1 (ATIO, in dual or pure target mode)\n\nmax_qpairs is set to zero in case of two CPUs and initiator mode. The\nnumber is then used to allocate ha-\u003equeue_pair_map inside\nqla2x00_alloc_queues(). No allocation happens and ha-\u003equeue_pair_map is\nleft NULL but the driver thinks there are queue pairs available.\n\nqla2xxx_queuecommand() tries to find a qpair in the map and crashes:\n\n if (ha-\u003emqenable) {\n uint32_t tag;\n uint16_t hwq;\n struct qla_qpair *qpair = NULL;\n\n tag = blk_mq_unique_tag(cmd-\u003erequest);\n hwq = blk_mq_unique_tag_to_hwq(tag);\n qpair = ha-\u003equeue_pair_map[hwq]; # \u003c- HERE\n\n if (qpair)\n return qla2xxx_mqueuecommand(host, cmd, qpair);\n }\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP PTI\n CPU: 0 PID: 72 Comm: kworker/u4:3 Tainted: G W 5.10.0-rc1+ #25\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014\n Workqueue: scsi_wq_7 fc_scsi_scan_rport [scsi_transport_fc]\n RIP: 0010:qla2xxx_queuecommand+0x16b/0x3f0 [qla2xxx]\n Call Trace:\n scsi_queue_rq+0x58c/0xa60\n blk_mq_dispatch_rq_list+0x2b7/0x6f0\n ? __sbitmap_get_word+0x2a/0x80\n __blk_mq_sched_dispatch_requests+0xb8/0x170\n blk_mq_sched_dispatch_requests+0x2b/0x50\n __blk_mq_run_hw_queue+0x49/0xb0\n __blk_mq_delay_run_hw_queue+0xfb/0x150\n blk_mq_sched_insert_request+0xbe/0x110\n blk_execute_rq+0x45/0x70\n __scsi_execute+0x10e/0x250\n scsi_probe_and_add_lun+0x228/0xda0\n __scsi_scan_target+0xf4/0x620\n ? __pm_runtime_resume+0x4f/0x70\n scsi_scan_target+0x100/0x110\n fc_scsi_scan_rport+0xa1/0xb0 [scsi_transport_fc]\n process_one_work+0x1ea/0x3b0\n worker_thread+0x28/0x3b0\n ? process_one_work+0x3b0/0x3b0\n kthread+0x112/0x130\n ? kthread_park+0x80/0x80\n ret_from_fork+0x22/0x30\n\nThe driver should allocate enough vectors to provide every CPU it\u0027s own HW\nqueue and still handle reserved (MB, RSP, ATIO) interrupts.\n\nThe change fixes the crash on dual core VM and prevents unbalanced QP\nallocation where nr_hw_queues is two less than the number of CPUs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46964",
"url": "https://www.suse.com/security/cve/CVE-2021-46964"
},
{
"category": "external",
"summary": "SUSE Bug 1220538 for CVE-2021-46964",
"url": "https://bugzilla.suse.com/1220538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46964"
},
{
"cve": "CVE-2021-46966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: custom_method: fix potential use-after-free issue\n\nIn cm_write(), buf is always freed when reaching the end of the\nfunction. If the requested count is less than table.length, the\nallocated buffer will be freed but subsequent calls to cm_write() will\nstill try to access it.\n\nRemove the unconditional kfree(buf) at the end of the function and\nset the buf to NULL in the -EINVAL error path to match the rest of\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46966",
"url": "https://www.suse.com/security/cve/CVE-2021-46966"
},
{
"category": "external",
"summary": "SUSE Bug 1220572 for CVE-2021-46966",
"url": "https://bugzilla.suse.com/1220572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46966"
},
{
"cve": "CVE-2021-46981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: Fix NULL pointer in flush_workqueue\n\nOpen /dev/nbdX first, the config_refs will be 1 and\nthe pointers in nbd_device are still null. Disconnect\n/dev/nbdX, then reference a null recv_workq. The\nprotection by config_refs in nbd_genl_disconnect is useless.\n\n[ 656.366194] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 656.368943] #PF: supervisor write access in kernel mode\n[ 656.369844] #PF: error_code(0x0002) - not-present page\n[ 656.370717] PGD 10cc87067 P4D 10cc87067 PUD 1074b4067 PMD 0\n[ 656.371693] Oops: 0002 [#1] SMP\n[ 656.372242] CPU: 5 PID: 7977 Comm: nbd-client Not tainted 5.11.0-rc5-00040-g76c057c84d28 #1\n[ 656.373661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014\n[ 656.375904] RIP: 0010:mutex_lock+0x29/0x60\n[ 656.376627] Code: 00 0f 1f 44 00 00 55 48 89 fd 48 83 05 6f d7 fe 08 01 e8 7a c3 ff ff 48 83 05 6a d7 fe 08 01 31 c0 65 48 8b 14 25 00 6d 01 00 \u003cf0\u003e 48 0f b1 55 d\n[ 656.378934] RSP: 0018:ffffc900005eb9b0 EFLAGS: 00010246\n[ 656.379350] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[ 656.379915] RDX: ffff888104cf2600 RSI: ffffffffaae8f452 RDI: 0000000000000020\n[ 656.380473] RBP: 0000000000000020 R08: 0000000000000000 R09: ffff88813bd6b318\n[ 656.381039] R10: 00000000000000c7 R11: fefefefefefefeff R12: ffff888102710b40\n[ 656.381599] R13: ffffc900005eb9e0 R14: ffffffffb2930680 R15: ffff88810770ef00\n[ 656.382166] FS: 00007fdf117ebb40(0000) GS:ffff88813bd40000(0000) knlGS:0000000000000000\n[ 656.382806] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 656.383261] CR2: 0000000000000020 CR3: 0000000100c84000 CR4: 00000000000006e0\n[ 656.383819] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 656.384370] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 656.384927] Call Trace:\n[ 656.385111] flush_workqueue+0x92/0x6c0\n[ 656.385395] nbd_disconnect_and_put+0x81/0xd0\n[ 656.385716] nbd_genl_disconnect+0x125/0x2a0\n[ 656.386034] genl_family_rcv_msg_doit.isra.0+0x102/0x1b0\n[ 656.386422] genl_rcv_msg+0xfc/0x2b0\n[ 656.386685] ? nbd_ioctl+0x490/0x490\n[ 656.386954] ? genl_family_rcv_msg_doit.isra.0+0x1b0/0x1b0\n[ 656.387354] netlink_rcv_skb+0x62/0x180\n[ 656.387638] genl_rcv+0x34/0x60\n[ 656.387874] netlink_unicast+0x26d/0x590\n[ 656.388162] netlink_sendmsg+0x398/0x6c0\n[ 656.388451] ? netlink_rcv_skb+0x180/0x180\n[ 656.388750] ____sys_sendmsg+0x1da/0x320\n[ 656.389038] ? ____sys_recvmsg+0x130/0x220\n[ 656.389334] ___sys_sendmsg+0x8e/0xf0\n[ 656.389605] ? ___sys_recvmsg+0xa2/0xf0\n[ 656.389889] ? handle_mm_fault+0x1671/0x21d0\n[ 656.390201] __sys_sendmsg+0x6d/0xe0\n[ 656.390464] __x64_sys_sendmsg+0x23/0x30\n[ 656.390751] do_syscall_64+0x45/0x70\n[ 656.391017] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nTo fix it, just add if (nbd-\u003erecv_workq) to nbd_disconnect_and_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46981",
"url": "https://www.suse.com/security/cve/CVE-2021-46981"
},
{
"category": "external",
"summary": "SUSE Bug 1220611 for CVE-2021-46981",
"url": "https://bugzilla.suse.com/1220611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46981"
},
{
"cve": "CVE-2021-46988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: release page in error path to avoid BUG_ON\n\nConsider the following sequence of events:\n\n1. Userspace issues a UFFD ioctl, which ends up calling into\n shmem_mfill_atomic_pte(). We successfully account the blocks, we\n shmem_alloc_page(), but then the copy_from_user() fails. We return\n -ENOENT. We don\u0027t release the page we allocated.\n2. Our caller detects this error code, tries the copy_from_user() after\n dropping the mmap_lock, and retries, calling back into\n shmem_mfill_atomic_pte().\n3. Meanwhile, let\u0027s say another process filled up the tmpfs being used.\n4. So shmem_mfill_atomic_pte() fails to account blocks this time, and\n immediately returns - without releasing the page.\n\nThis triggers a BUG_ON in our caller, which asserts that the page\nshould always be consumed, unless -ENOENT is returned.\n\nTo fix this, detect if we have such a \"dangling\" page when accounting\nfails, and if so, release it before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46988",
"url": "https://www.suse.com/security/cve/CVE-2021-46988"
},
{
"category": "external",
"summary": "SUSE Bug 1220706 for CVE-2021-46988",
"url": "https://bugzilla.suse.com/1220706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46988"
},
{
"cve": "CVE-2021-46990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix crashes when toggling entry flush barrier\n\nThe entry flush mitigation can be enabled/disabled at runtime via a\ndebugfs file (entry_flush), which causes the kernel to patch itself to\nenable/disable the relevant mitigations.\n\nHowever depending on which mitigation we\u0027re using, it may not be safe to\ndo that patching while other CPUs are active. For example the following\ncrash:\n\n sleeper[15639]: segfault (11) at c000000000004c20 nip c000000000004c20 lr c000000000004c20\n\nShows that we returned to userspace with a corrupted LR that points into\nthe kernel, due to executing the partially patched call to the fallback\nentry flush (ie. we missed the LR restore).\n\nFix it by doing the patching under stop machine. The CPUs that aren\u0027t\ndoing the patching will be spinning in the core of the stop machine\nlogic. That is currently sufficient for our purposes, because none of\nthe patching we do is to that code or anywhere in the vicinity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46990",
"url": "https://www.suse.com/security/cve/CVE-2021-46990"
},
{
"category": "external",
"summary": "SUSE Bug 1220743 for CVE-2021-46990",
"url": "https://bugzilla.suse.com/1220743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46990"
},
{
"cve": "CVE-2021-46998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet:enic: Fix a use after free bug in enic_hard_start_xmit\n\nIn enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside\nenic_queue_wq_skb, if some error happens, the skb will be freed\nby dev_kfree_skb(skb). But the freed skb is still used in\nskb_tx_timestamp(skb).\n\nMy patch makes enic_queue_wq_skb() return error and goto spin_unlock()\nincase of error. The solution is provided by Govind.\nSee https://lkml.org/lkml/2021/4/30/961.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46998",
"url": "https://www.suse.com/security/cve/CVE-2021-46998"
},
{
"category": "external",
"summary": "SUSE Bug 1220625 for CVE-2021-46998",
"url": "https://bugzilla.suse.com/1220625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-46998"
},
{
"cve": "CVE-2021-47006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9064/1: hw_breakpoint: Do not directly check the event\u0027s overflow_handler hook\n\nThe commit 1879445dfa7b (\"perf/core: Set event\u0027s default\n::overflow_handler()\") set a default event-\u003eoverflow_handler in\nperf_event_alloc(), and replace the check event-\u003eoverflow_handler with\nis_default_overflow_handler(), but one is missing.\n\nCurrently, the bp-\u003eoverflow_handler can not be NULL. As a result,\nenable_single_step() is always not invoked.\n\nComments from Zhen Lei:\n\n https://patchwork.kernel.org/project/linux-arm-kernel/patch/20210207105934.2001-1-thunder.leizhen@huawei.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47006",
"url": "https://www.suse.com/security/cve/CVE-2021-47006"
},
{
"category": "external",
"summary": "SUSE Bug 1220751 for CVE-2021-47006",
"url": "https://bugzilla.suse.com/1220751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47006"
},
{
"cve": "CVE-2021-47015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix RX consumer index logic in the error path.\n\nIn bnxt_rx_pkt(), the RX buffers are expected to complete in order.\nIf the RX consumer index indicates an out of order buffer completion,\nit means we are hitting a hardware bug and the driver will abort all\nremaining RX packets and reset the RX ring. The RX consumer index\nthat we pass to bnxt_discard_rx() is not correct. We should be\npassing the current index (tmp_raw_cons) instead of the old index\n(raw_cons). This bug can cause us to be at the wrong index when\ntrying to abort the next RX packet. It can crash like this:\n\n #0 [ffff9bbcdf5c39a8] machine_kexec at ffffffff9b05e007\n #1 [ffff9bbcdf5c3a00] __crash_kexec at ffffffff9b111232\n #2 [ffff9bbcdf5c3ad0] panic at ffffffff9b07d61e\n #3 [ffff9bbcdf5c3b50] oops_end at ffffffff9b030978\n #4 [ffff9bbcdf5c3b78] no_context at ffffffff9b06aaf0\n #5 [ffff9bbcdf5c3bd8] __bad_area_nosemaphore at ffffffff9b06ae2e\n #6 [ffff9bbcdf5c3c28] bad_area_nosemaphore at ffffffff9b06af24\n #7 [ffff9bbcdf5c3c38] __do_page_fault at ffffffff9b06b67e\n #8 [ffff9bbcdf5c3cb0] do_page_fault at ffffffff9b06bb12\n #9 [ffff9bbcdf5c3ce0] page_fault at ffffffff9bc015c5\n [exception RIP: bnxt_rx_pkt+237]\n RIP: ffffffffc0259cdd RSP: ffff9bbcdf5c3d98 RFLAGS: 00010213\n RAX: 000000005dd8097f RBX: ffff9ba4cb11b7e0 RCX: ffffa923cf6e9000\n RDX: 0000000000000fff RSI: 0000000000000627 RDI: 0000000000001000\n RBP: ffff9bbcdf5c3e60 R8: 0000000000420003 R9: 000000000000020d\n R10: ffffa923cf6ec138 R11: ffff9bbcdf5c3e83 R12: ffff9ba4d6f928c0\n R13: ffff9ba4cac28080 R14: ffff9ba4cb11b7f0 R15: ffff9ba4d5a30000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47015",
"url": "https://www.suse.com/security/cve/CVE-2021-47015"
},
{
"category": "external",
"summary": "SUSE Bug 1220794 for CVE-2021-47015",
"url": "https://bugzilla.suse.com/1220794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47015"
},
{
"cve": "CVE-2021-47024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: free queued packets when closing socket\n\nAs reported by syzbot [1], there is a memory leak while closing the\nsocket. We partially solved this issue with commit ac03046ece2b\n(\"vsock/virtio: free packets during the socket release\"), but we\nforgot to drain the RX queue when the socket is definitely closed by\nthe scheduled work.\n\nTo avoid future issues, let\u0027s use the new virtio_transport_remove_sock()\nto drain the RX queue before removing the socket from the af_vsock lists\ncalling vsock_remove_sock().\n\n[1] https://syzkaller.appspot.com/bug?extid=24452624fc4c571eedd9",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47024",
"url": "https://www.suse.com/security/cve/CVE-2021-47024"
},
{
"category": "external",
"summary": "SUSE Bug 1220637 for CVE-2021-47024",
"url": "https://bugzilla.suse.com/1220637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47024"
},
{
"cve": "CVE-2021-47034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix pte update for kernel memory on radix\n\nWhen adding a PTE a ptesync is needed to order the update of the PTE\nwith subsequent accesses otherwise a spurious fault may be raised.\n\nradix__set_pte_at() does not do this for performance gains. For\nnon-kernel memory this is not an issue as any faults of this kind are\ncorrected by the page fault handler. For kernel memory these faults\nare not handled. The current solution is that there is a ptesync in\nflush_cache_vmap() which should be called when mapping from the\nvmalloc region.\n\nHowever, map_kernel_page() does not call flush_cache_vmap(). This is\ntroublesome in particular for code patching with Strict RWX on radix.\nIn do_patch_instruction() the page frame that contains the instruction\nto be patched is mapped and then immediately patched. With no ordering\nor synchronization between setting up the PTE and writing to the page\nit is possible for faults.\n\nAs the code patching is done using __put_user_asm_goto() the resulting\nfault is obscured - but using a normal store instead it can be seen:\n\n BUG: Unable to handle kernel data access on write at 0xc008000008f24a3c\n Faulting instruction address: 0xc00000000008bd74\n Oops: Kernel access of bad area, sig: 11 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in: nop_module(PO+) [last unloaded: nop_module]\n CPU: 4 PID: 757 Comm: sh Tainted: P O 5.10.0-rc5-01361-ge3c1b78c8440-dirty #43\n NIP: c00000000008bd74 LR: c00000000008bd50 CTR: c000000000025810\n REGS: c000000016f634a0 TRAP: 0300 Tainted: P O (5.10.0-rc5-01361-ge3c1b78c8440-dirty)\n MSR: 9000000000009033 \u003cSF,HV,EE,ME,IR,DR,RI,LE\u003e CR: 44002884 XER: 00000000\n CFAR: c00000000007c68c DAR: c008000008f24a3c DSISR: 42000000 IRQMASK: 1\n\nThis results in the kind of issue reported here:\n https://lore.kernel.org/linuxppc-dev/15AC5B0E-A221-4B8C-9039-FA96B8EF7C88@lca.pw/\n\nChris Riedl suggested a reliable way to reproduce the issue:\n $ mount -t debugfs none /sys/kernel/debug\n $ (while true; do echo function \u003e /sys/kernel/debug/tracing/current_tracer ; echo nop \u003e /sys/kernel/debug/tracing/current_tracer ; done) \u0026\n\nTurning ftrace on and off does a large amount of code patching which\nin usually less then 5min will crash giving a trace like:\n\n ftrace-powerpc: (____ptrval____): replaced (4b473b11) != old (60000000)\n ------------[ ftrace bug ]------------\n ftrace failed to modify\n [\u003cc000000000bf8e5c\u003e] napi_busy_loop+0xc/0x390\n actual: 11:3b:47:4b\n Setting ftrace call site to call ftrace function\n ftrace record flags: 80000001\n (1)\n expected tramp: c00000000006c96c\n ------------[ cut here ]------------\n WARNING: CPU: 4 PID: 809 at kernel/trace/ftrace.c:2065 ftrace_bug+0x28c/0x2e8\n Modules linked in: nop_module(PO-) [last unloaded: nop_module]\n CPU: 4 PID: 809 Comm: sh Tainted: P O 5.10.0-rc5-01360-gf878ccaf250a #1\n NIP: c00000000024f334 LR: c00000000024f330 CTR: c0000000001a5af0\n REGS: c000000004c8b760 TRAP: 0700 Tainted: P O (5.10.0-rc5-01360-gf878ccaf250a)\n MSR: 900000000282b033 \u003cSF,HV,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 28008848 XER: 20040000\n CFAR: c0000000001a9c98 IRQMASK: 0\n GPR00: c00000000024f330 c000000004c8b9f0 c000000002770600 0000000000000022\n GPR04: 00000000ffff7fff c000000004c8b6d0 0000000000000027 c0000007fe9bcdd8\n GPR08: 0000000000000023 ffffffffffffffd8 0000000000000027 c000000002613118\n GPR12: 0000000000008000 c0000007fffdca00 0000000000000000 0000000000000000\n GPR16: 0000000023ec37c5 0000000000000000 0000000000000000 0000000000000008\n GPR20: c000000004c8bc90 c0000000027a2d20 c000000004c8bcd0 c000000002612fe8\n GPR24: 0000000000000038 0000000000000030 0000000000000028 0000000000000020\n GPR28: c000000000ff1b68 c000000000bf8e5c c00000000312f700 c000000000fbb9b0\n NIP ftrace_bug+0x28c/0x2e8\n LR ftrace_bug+0x288/0x2e8\n Call T\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47034",
"url": "https://www.suse.com/security/cve/CVE-2021-47034"
},
{
"category": "external",
"summary": "SUSE Bug 1220687 for CVE-2021-47034",
"url": "https://bugzilla.suse.com/1220687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47034"
},
{
"cve": "CVE-2021-47045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()\n\nIt is possible to call lpfc_issue_els_plogi() passing a did for which no\nmatching ndlp is found. A call is then made to lpfc_prep_els_iocb() with a\nnull pointer to a lpfc_nodelist structure resulting in a null pointer\ndereference.\n\nFix by returning an error status if no valid ndlp is found. Fix up comments\nregarding ndlp reference counting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47045",
"url": "https://www.suse.com/security/cve/CVE-2021-47045"
},
{
"category": "external",
"summary": "SUSE Bug 1220640 for CVE-2021-47045",
"url": "https://bugzilla.suse.com/1220640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47045"
},
{
"cve": "CVE-2021-47049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Use after free in __vmbus_open()\n\nThe \"open_info\" variable is added to the \u0026vmbus_connection.chn_msg_list,\nbut the error handling frees \"open_info\" without removing it from the\nlist. This will result in a use after free. First remove it from the\nlist, and then free it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47049",
"url": "https://www.suse.com/security/cve/CVE-2021-47049"
},
{
"category": "external",
"summary": "SUSE Bug 1220692 for CVE-2021-47049",
"url": "https://bugzilla.suse.com/1220692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47049"
},
{
"cve": "CVE-2021-47055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: require write permissions for locking and badblock ioctls\n\nMEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require\nwrite permission. Depending on the hardware MEMLOCK might even be\nwrite-once, e.g. for SPI-NOR flashes with their WP# tied to GND. OTPLOCK\nis always write-once.\n\nMEMSETBADBLOCK modifies the bad block table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47055",
"url": "https://www.suse.com/security/cve/CVE-2021-47055"
},
{
"category": "external",
"summary": "SUSE Bug 1220768 for CVE-2021-47055",
"url": "https://bugzilla.suse.com/1220768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47055"
},
{
"cve": "CVE-2021-47056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init\n\nADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown()\nbefore calling adf_iov_putmsg()-\u003emutex_lock(vf2pf_lock), however the\nvf2pf_lock is initialized in adf_dev_init(), which can fail and when it\nfail, the vf2pf_lock is either not initialized or destroyed, a subsequent\nuse of vf2pf_lock will cause issue.\nTo fix this issue, only set this flag if adf_dev_init() returns 0.\n\n[ 7.178404] BUG: KASAN: user-memory-access in __mutex_lock.isra.0+0x1ac/0x7c0\n[ 7.180345] Call Trace:\n[ 7.182576] mutex_lock+0xc9/0xd0\n[ 7.183257] adf_iov_putmsg+0x118/0x1a0 [intel_qat]\n[ 7.183541] adf_vf2pf_shutdown+0x4d/0x7b [intel_qat]\n[ 7.183834] adf_dev_shutdown+0x172/0x2b0 [intel_qat]\n[ 7.184127] adf_probe+0x5e9/0x600 [qat_dh895xccvf]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47056",
"url": "https://www.suse.com/security/cve/CVE-2021-47056"
},
{
"category": "external",
"summary": "SUSE Bug 1220769 for CVE-2021-47056",
"url": "https://bugzilla.suse.com/1220769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47056"
},
{
"cve": "CVE-2021-47060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Stop looking for coalesced MMIO zones if the bus is destroyed\n\nAbort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev()\nfails to allocate memory for the new instance of the bus. If it can\u0027t\ninstantiate a new bus, unregister_dev() destroys all devices _except_ the\ntarget device. But, it doesn\u0027t tell the caller that it obliterated the\nbus and invoked the destructor for all devices that were on the bus. In\nthe coalesced MMIO case, this can result in a deleted list entry\ndereference due to attempting to continue iterating on coalesced_zones\nafter future entries (in the walk) have been deleted.\n\nOpportunistically add curly braces to the for-loop, which encompasses\nmany lines but sneaks by without braces due to the guts being a single\nif statement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47060",
"url": "https://www.suse.com/security/cve/CVE-2021-47060"
},
{
"category": "external",
"summary": "SUSE Bug 1220742 for CVE-2021-47060",
"url": "https://bugzilla.suse.com/1220742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47060"
},
{
"cve": "CVE-2021-47061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Destroy I/O bus devices on unregister failure _after_ sync\u0027ing SRCU\n\nIf allocating a new instance of an I/O bus fails when unregistering a\ndevice, wait to destroy the device until after all readers are guaranteed\nto see the new null bus. Destroying devices before the bus is nullified\ncould lead to use-after-free since readers expect the devices on their\nreference of the bus to remain valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47061",
"url": "https://www.suse.com/security/cve/CVE-2021-47061"
},
{
"category": "external",
"summary": "SUSE Bug 1220745 for CVE-2021-47061",
"url": "https://bugzilla.suse.com/1220745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47061"
},
{
"cve": "CVE-2021-47063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge/panel: Cleanup connector on bridge detach\n\nIf we don\u0027t call drm_connector_cleanup() manually in\npanel_bridge_detach(), the connector will be cleaned up with the other\nDRM objects in the call to drm_mode_config_cleanup(). However, since our\ndrm_connector is devm-allocated, by the time drm_mode_config_cleanup()\nwill be called, our connector will be long gone. Therefore, the\nconnector must be cleaned up when the bridge is detached to avoid\nuse-after-free conditions.\n\nv2: Cleanup connector only if it was created\n\nv3: Add FIXME\n\nv4: (Use connector-\u003edev) directly in if() block",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47063",
"url": "https://www.suse.com/security/cve/CVE-2021-47063"
},
{
"category": "external",
"summary": "SUSE Bug 1220777 for CVE-2021-47063",
"url": "https://bugzilla.suse.com/1220777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47063"
},
{
"cve": "CVE-2021-47068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/nfc: fix use-after-free llcp_sock_bind/connect\n\nCommits 8a4cd82d (\"nfc: fix refcount leak in llcp_sock_connect()\")\nand c33b1cc62 (\"nfc: fix refcount leak in llcp_sock_bind()\")\nfixed a refcount leak bug in bind/connect but introduced a\nuse-after-free if the same local is assigned to 2 different sockets.\n\nThis can be triggered by the following simple program:\n int sock1 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP );\n int sock2 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP );\n memset( \u0026addr, 0, sizeof(struct sockaddr_nfc_llcp) );\n addr.sa_family = AF_NFC;\n addr.nfc_protocol = NFC_PROTO_NFC_DEP;\n bind( sock1, (struct sockaddr*) \u0026addr, sizeof(struct sockaddr_nfc_llcp) )\n bind( sock2, (struct sockaddr*) \u0026addr, sizeof(struct sockaddr_nfc_llcp) )\n close(sock1);\n close(sock2);\n\nFix this by assigning NULL to llcp_sock-\u003elocal after calling\nnfc_llcp_local_put.\n\nThis addresses CVE-2021-23134.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47068",
"url": "https://www.suse.com/security/cve/CVE-2021-47068"
},
{
"category": "external",
"summary": "SUSE Bug 1220739 for CVE-2021-47068",
"url": "https://bugzilla.suse.com/1220739"
},
{
"category": "external",
"summary": "SUSE Bug 1221130 for CVE-2021-47068",
"url": "https://bugzilla.suse.com/1221130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2021-47068"
},
{
"cve": "CVE-2021-47070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix another memory leak in error handling paths\n\nMemory allocated by \u0027vmbus_alloc_ring()\u0027 at the beginning of the probe\nfunction is never freed in the error handling path.\n\nAdd the missing \u0027vmbus_free_ring()\u0027 call.\n\nNote that it is already freed in the .remove function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47070",
"url": "https://www.suse.com/security/cve/CVE-2021-47070"
},
{
"category": "external",
"summary": "SUSE Bug 1220829 for CVE-2021-47070",
"url": "https://bugzilla.suse.com/1220829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47070"
},
{
"cve": "CVE-2021-47071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix a memory leak in error handling paths\n\nIf \u0027vmbus_establish_gpadl()\u0027 fails, the (recv|send)_gpadl will not be\nupdated and \u0027hv_uio_cleanup()\u0027 in the error handling path will not be\nable to free the corresponding buffer.\n\nIn such a case, we need to free the buffer explicitly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47071",
"url": "https://www.suse.com/security/cve/CVE-2021-47071"
},
{
"category": "external",
"summary": "SUSE Bug 1220846 for CVE-2021-47071",
"url": "https://bugzilla.suse.com/1220846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47071"
},
{
"cve": "CVE-2021-47073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios\n\ninit_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems\nwhere the Dell WMI interface is supported. While exit_dell_smbios_wmi()\nunregisters it unconditionally, this leads to the following oops:\n\n[ 175.722921] ------------[ cut here ]------------\n[ 175.722925] Unexpected driver unregister!\n[ 175.722939] WARNING: CPU: 1 PID: 3630 at drivers/base/driver.c:194 driver_unregister+0x38/0x40\n...\n[ 175.723089] Call Trace:\n[ 175.723094] cleanup_module+0x5/0xedd [dell_smbios]\n...\n[ 175.723148] ---[ end trace 064c34e1ad49509d ]---\n\nMake the unregister happen on the same condition the register happens\nto fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47073",
"url": "https://www.suse.com/security/cve/CVE-2021-47073"
},
{
"category": "external",
"summary": "SUSE Bug 1220850 for CVE-2021-47073",
"url": "https://bugzilla.suse.com/1220850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47073"
},
{
"cve": "CVE-2021-47100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module\n\nHi,\n\nWhen testing install and uninstall of ipmi_si.ko and ipmi_msghandler.ko,\nthe system crashed.\n\nThe log as follows:\n[ 141.087026] BUG: unable to handle kernel paging request at ffffffffc09b3a5a\n[ 141.087241] PGD 8fe4c0d067 P4D 8fe4c0d067 PUD 8fe4c0f067 PMD 103ad89067 PTE 0\n[ 141.087464] Oops: 0010 [#1] SMP NOPTI\n[ 141.087580] CPU: 67 PID: 668 Comm: kworker/67:1 Kdump: loaded Not tainted 4.18.0.x86_64 #47\n[ 141.088009] Workqueue: events 0xffffffffc09b3a40\n[ 141.088009] RIP: 0010:0xffffffffc09b3a5a\n[ 141.088009] Code: Bad RIP value.\n[ 141.088009] RSP: 0018:ffffb9094e2c3e88 EFLAGS: 00010246\n[ 141.088009] RAX: 0000000000000000 RBX: ffff9abfdb1f04a0 RCX: 0000000000000000\n[ 141.088009] RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246\n[ 141.088009] RBP: 0000000000000000 R08: ffff9abfffee3cb8 R09: 00000000000002e1\n[ 141.088009] R10: ffffb9094cb73d90 R11: 00000000000f4240 R12: ffff9abfffee8700\n[ 141.088009] R13: 0000000000000000 R14: ffff9abfdb1f04a0 R15: ffff9abfdb1f04a8\n[ 141.088009] FS: 0000000000000000(0000) GS:ffff9abfffec0000(0000) knlGS:0000000000000000\n[ 141.088009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 141.088009] CR2: ffffffffc09b3a30 CR3: 0000008fe4c0a001 CR4: 00000000007606e0\n[ 141.088009] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 141.088009] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 141.088009] PKRU: 55555554\n[ 141.088009] Call Trace:\n[ 141.088009] ? process_one_work+0x195/0x390\n[ 141.088009] ? worker_thread+0x30/0x390\n[ 141.088009] ? process_one_work+0x390/0x390\n[ 141.088009] ? kthread+0x10d/0x130\n[ 141.088009] ? kthread_flush_work_fn+0x10/0x10\n[ 141.088009] ? ret_from_fork+0x35/0x40] BUG: unable to handle kernel paging request at ffffffffc0b28a5a\n[ 200.223240] PGD 97fe00d067 P4D 97fe00d067 PUD 97fe00f067 PMD a580cbf067 PTE 0\n[ 200.223464] Oops: 0010 [#1] SMP NOPTI\n[ 200.223579] CPU: 63 PID: 664 Comm: kworker/63:1 Kdump: loaded Not tainted 4.18.0.x86_64 #46\n[ 200.224008] Workqueue: events 0xffffffffc0b28a40\n[ 200.224008] RIP: 0010:0xffffffffc0b28a5a\n[ 200.224008] Code: Bad RIP value.\n[ 200.224008] RSP: 0018:ffffbf3c8e2a3e88 EFLAGS: 00010246\n[ 200.224008] RAX: 0000000000000000 RBX: ffffa0799ad6bca0 RCX: 0000000000000000\n[ 200.224008] RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246\n[ 200.224008] RBP: 0000000000000000 R08: ffff9fe43fde3cb8 R09: 00000000000000d5\n[ 200.224008] R10: ffffbf3c8cb53d90 R11: 00000000000f4240 R12: ffff9fe43fde8700\n[ 200.224008] R13: 0000000000000000 R14: ffffa0799ad6bca0 R15: ffffa0799ad6bca8\n[ 200.224008] FS: 0000000000000000(0000) GS:ffff9fe43fdc0000(0000) knlGS:0000000000000000\n[ 200.224008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 200.224008] CR2: ffffffffc0b28a30 CR3: 00000097fe00a002 CR4: 00000000007606e0\n[ 200.224008] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 200.224008] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 200.224008] PKRU: 55555554\n[ 200.224008] Call Trace:\n[ 200.224008] ? process_one_work+0x195/0x390\n[ 200.224008] ? worker_thread+0x30/0x390\n[ 200.224008] ? process_one_work+0x390/0x390\n[ 200.224008] ? kthread+0x10d/0x130\n[ 200.224008] ? kthread_flush_work_fn+0x10/0x10\n[ 200.224008] ? ret_from_fork+0x35/0x40\n[ 200.224008] kernel fault(0x1) notification starting on CPU 63\n[ 200.224008] kernel fault(0x1) notification finished on CPU 63\n[ 200.224008] CR2: ffffffffc0b28a5a\n[ 200.224008] ---[ end trace c82a412d93f57412 ]---\n\nThe reason is as follows:\nT1: rmmod ipmi_si.\n -\u003eipmi_unregister_smi()\n -\u003e ipmi_bmc_unregister()\n -\u003e __ipmi_bmc_unregister()\n -\u003e kref_put(\u0026bmc-\u003eusecount, cleanup_bmc_device);\n -\u003e schedule_work(\u0026bmc-\u003eremove_work);\n\nT2: rmmod ipmi_msghandl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47100",
"url": "https://www.suse.com/security/cve/CVE-2021-47100"
},
{
"category": "external",
"summary": "SUSE Bug 1220985 for CVE-2021-47100",
"url": "https://bugzilla.suse.com/1220985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47100"
},
{
"cve": "CVE-2021-47101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nasix: fix uninit-value in asix_mdio_read()\n\nasix_read_cmd() may read less than sizeof(smsr) bytes and in this case\nsmsr will be uninitialized.\n\nFail log:\nBUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]\nBUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497\nBUG: KMSAN: uninit-value in asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497\n asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]\n asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497\n asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47101",
"url": "https://www.suse.com/security/cve/CVE-2021-47101"
},
{
"category": "external",
"summary": "SUSE Bug 1220987 for CVE-2021-47101",
"url": "https://bugzilla.suse.com/1220987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47101"
},
{
"cve": "CVE-2021-47104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Fix memory leak in qib_user_sdma_queue_pkts()\n\nThe wrong goto label was used for the error case and missed cleanup of the\npkt allocation.\n\nAddresses-Coverity-ID: 1493352 (\"Resource leak\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47104",
"url": "https://www.suse.com/security/cve/CVE-2021-47104"
},
{
"category": "external",
"summary": "SUSE Bug 1220960 for CVE-2021-47104",
"url": "https://bugzilla.suse.com/1220960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47104"
},
{
"cve": "CVE-2021-47110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Disable kvmclock on all CPUs on shutdown\n\nCurrenly, we disable kvmclock from machine_shutdown() hook and this\nonly happens for boot CPU. We need to disable it for all CPUs to\nguard against memory corruption e.g. on restore from hibernate.\n\nNote, writing \u00270\u0027 to kvmclock MSR doesn\u0027t clear memory location, it\njust prevents hypervisor from updating the location so for the short\nwhile after write and while CPU is still alive, the clock remains usable\nand correct so we don\u0027t need to switch to some other clocksource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47110",
"url": "https://www.suse.com/security/cve/CVE-2021-47110"
},
{
"category": "external",
"summary": "SUSE Bug 1221532 for CVE-2021-47110",
"url": "https://bugzilla.suse.com/1221532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47110"
},
{
"cve": "CVE-2021-47112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Teardown PV features on boot CPU as well\n\nVarious PV features (Async PF, PV EOI, steal time) work through memory\nshared with hypervisor and when we restore from hibernation we must\nproperly teardown all these features to make sure hypervisor doesn\u0027t\nwrite to stale locations after we jump to the previously hibernated kernel\n(which can try to place anything there). For secondary CPUs the job is\nalready done by kvm_cpu_down_prepare(), register syscore ops to do\nthe same for boot CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47112",
"url": "https://www.suse.com/security/cve/CVE-2021-47112"
},
{
"category": "external",
"summary": "SUSE Bug 1221541 for CVE-2021-47112",
"url": "https://bugzilla.suse.com/1221541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47112"
},
{
"cve": "CVE-2021-47114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption by fallocate\n\nWhen fallocate punches holes out of inode size, if original isize is in\nthe middle of last cluster, then the part from isize to the end of the\ncluster will be zeroed with buffer write, at that time isize is not yet\nupdated to match the new size, if writeback is kicked in, it will invoke\nocfs2_writepage()-\u003eblock_write_full_page() where the pages out of inode\nsize will be dropped. That will cause file corruption. Fix this by\nzero out eof blocks when extending the inode size.\n\nRunning the following command with qemu-image 4.2.1 can get a corrupted\ncoverted image file easily.\n\n qemu-img convert -p -t none -T none -f qcow2 $qcow_image \\\n -O qcow2 -o compat=1.1 $qcow_image.conv\n\nThe usage of fallocate in qemu is like this, it first punches holes out\nof inode size, then extend the inode size.\n\n fallocate(11, FALLOC_FL_KEEP_SIZE|FALLOC_FL_PUNCH_HOLE, 2276196352, 65536) = 0\n fallocate(11, 0, 2276196352, 65536) = 0\n\nv1: https://www.spinics.net/lists/linux-fsdevel/msg193999.html\nv2: https://lore.kernel.org/linux-fsdevel/20210525093034.GB4112@quack2.suse.cz/T/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47114",
"url": "https://www.suse.com/security/cve/CVE-2021-47114"
},
{
"category": "external",
"summary": "SUSE Bug 1221548 for CVE-2021-47114",
"url": "https://bugzilla.suse.com/1221548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47114"
},
{
"cve": "CVE-2021-47117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed\n\nWe got follow bug_on when run fsstress with injecting IO fault:\n[130747.323114] kernel BUG at fs/ext4/extents_status.c:762!\n[130747.323117] Internal error: Oops - BUG: 0 [#1] SMP\n......\n[130747.334329] Call trace:\n[130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4]\n[130747.334975] ext4_cache_extents+0x64/0xe8 [ext4]\n[130747.335368] ext4_find_extent+0x300/0x330 [ext4]\n[130747.335759] ext4_ext_map_blocks+0x74/0x1178 [ext4]\n[130747.336179] ext4_map_blocks+0x2f4/0x5f0 [ext4]\n[130747.336567] ext4_mpage_readpages+0x4a8/0x7a8 [ext4]\n[130747.336995] ext4_readpage+0x54/0x100 [ext4]\n[130747.337359] generic_file_buffered_read+0x410/0xae8\n[130747.337767] generic_file_read_iter+0x114/0x190\n[130747.338152] ext4_file_read_iter+0x5c/0x140 [ext4]\n[130747.338556] __vfs_read+0x11c/0x188\n[130747.338851] vfs_read+0x94/0x150\n[130747.339110] ksys_read+0x74/0xf0\n\nThis patch\u0027s modification is according to Jan Kara\u0027s suggestion in:\nhttps://patchwork.ozlabs.org/project/linux-ext4/patch/20210428085158.3728201-1-yebin10@huawei.com/\n\"I see. Now I understand your patch. Honestly, seeing how fragile is trying\nto fix extent tree after split has failed in the middle, I would probably\ngo even further and make sure we fix the tree properly in case of ENOSPC\nand EDQUOT (those are easily user triggerable). Anything else indicates a\nHW problem or fs corruption so I\u0027d rather leave the extent tree as is and\ndon\u0027t try to fix it (which also means we will not create overlapping\nextents).\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47117",
"url": "https://www.suse.com/security/cve/CVE-2021-47117"
},
{
"category": "external",
"summary": "SUSE Bug 1221575 for CVE-2021-47117",
"url": "https://bugzilla.suse.com/1221575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47117"
},
{
"cve": "CVE-2021-47118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npid: take a reference when initializing `cad_pid`\n\nDuring boot, kernel_init_freeable() initializes `cad_pid` to the init\ntask\u0027s struct pid. Later on, we may change `cad_pid` via a sysctl, and\nwhen this happens proc_do_cad_pid() will increment the refcount on the\nnew pid via get_pid(), and will decrement the refcount on the old pid\nvia put_pid(). As we never called get_pid() when we initialized\n`cad_pid`, we decrement a reference we never incremented, can therefore\nfree the init task\u0027s struct pid early. As there can be dangling\nreferences to the struct pid, we can later encounter a use-after-free\n(e.g. when delivering signals).\n\nThis was spotted when fuzzing v5.13-rc3 with Syzkaller, but seems to\nhave been around since the conversion of `cad_pid` to struct pid in\ncommit 9ec52099e4b8 (\"[PATCH] replace cad_pid by a struct pid\") from the\npre-KASAN stone age of v2.6.19.\n\nFix this by getting a reference to the init task\u0027s struct pid when we\nassign it to `cad_pid`.\n\nFull KASAN splat below.\n\n ==================================================================\n BUG: KASAN: use-after-free in ns_of_pid include/linux/pid.h:153 [inline]\n BUG: KASAN: use-after-free in task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n Read of size 4 at addr ffff23794dda0004 by task syz-executor.0/273\n\n CPU: 1 PID: 273 Comm: syz-executor.0 Not tainted 5.12.0-00001-g9aef892b2d15 #1\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n ns_of_pid include/linux/pid.h:153 [inline]\n task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n do_notify_parent+0x308/0xe60 kernel/signal.c:1950\n exit_notify kernel/exit.c:682 [inline]\n do_exit+0x2334/0x2bd0 kernel/exit.c:845\n do_group_exit+0x108/0x2c8 kernel/exit.c:922\n get_signal+0x4e4/0x2a88 kernel/signal.c:2781\n do_signal arch/arm64/kernel/signal.c:882 [inline]\n do_notify_resume+0x300/0x970 arch/arm64/kernel/signal.c:936\n work_pending+0xc/0x2dc\n\n Allocated by task 0:\n slab_post_alloc_hook+0x50/0x5c0 mm/slab.h:516\n slab_alloc_node mm/slub.c:2907 [inline]\n slab_alloc mm/slub.c:2915 [inline]\n kmem_cache_alloc+0x1f4/0x4c0 mm/slub.c:2920\n alloc_pid+0xdc/0xc00 kernel/pid.c:180\n copy_process+0x2794/0x5e18 kernel/fork.c:2129\n kernel_clone+0x194/0x13c8 kernel/fork.c:2500\n kernel_thread+0xd4/0x110 kernel/fork.c:2552\n rest_init+0x44/0x4a0 init/main.c:687\n arch_call_rest_init+0x1c/0x28\n start_kernel+0x520/0x554 init/main.c:1064\n 0x0\n\n Freed by task 270:\n slab_free_hook mm/slub.c:1562 [inline]\n slab_free_freelist_hook+0x98/0x260 mm/slub.c:1600\n slab_free mm/slub.c:3161 [inline]\n kmem_cache_free+0x224/0x8e0 mm/slub.c:3177\n put_pid.part.4+0xe0/0x1a8 kernel/pid.c:114\n put_pid+0x30/0x48 kernel/pid.c:109\n proc_do_cad_pid+0x190/0x1b0 kernel/sysctl.c:1401\n proc_sys_call_handler+0x338/0x4b0 fs/proc/proc_sysctl.c:591\n proc_sys_write+0x34/0x48 fs/proc/proc_sysctl.c:617\n call_write_iter include/linux/fs.h:1977 [inline]\n new_sync_write+0x3ac/0x510 fs/read_write.c:518\n vfs_write fs/read_write.c:605 [inline]\n vfs_write+0x9c4/0x1018 fs/read_write.c:585\n ksys_write+0x124/0x240 fs/read_write.c:658\n __do_sys_write fs/read_write.c:670 [inline]\n __se_sys_write fs/read_write.c:667 [inline]\n __arm64_sys_write+0x78/0xb0 fs/read_write.c:667\n __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]\n el0_svc_common.constprop.1+0x16c/0x388 arch/arm64/kernel/syscall.c:129\n do_el0_svc+0xf8/0x150 arch/arm64/kernel/syscall.c:168\n el0_svc+0x28/0x38 arch/arm64/kernel/entry-common.c:416\n el0_sync_handler+0x134/0x180 arch/arm64/kernel/entry-common.c:432\n el0_sync+0x154/0x180 arch/arm64/kernel/entry.S:701\n\n The buggy address belongs to the object at ffff23794dda0000\n which belongs to the cache pid of size 224\n The buggy address is located 4 bytes inside of\n 224-byte region [ff\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47118",
"url": "https://www.suse.com/security/cve/CVE-2021-47118"
},
{
"category": "external",
"summary": "SUSE Bug 1221605 for CVE-2021-47118",
"url": "https://bugzilla.suse.com/1221605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47118"
},
{
"cve": "CVE-2021-47119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix memory leak in ext4_fill_super\n\nBuffer head references must be released before calling kill_bdev();\notherwise the buffer head (and its page referenced by b_data) will not\nbe freed by kill_bdev, and subsequently that bh will be leaked.\n\nIf blocksizes differ, sb_set_blocksize() will kill current buffers and\npage cache by using kill_bdev(). And then super block will be reread\nagain but using correct blocksize this time. sb_set_blocksize() didn\u0027t\nfully free superblock page and buffer head, and being busy, they were\nnot freed and instead leaked.\n\nThis can easily be reproduced by calling an infinite loop of:\n\n systemctl start \u003cext4_on_lvm\u003e.mount, and\n systemctl stop \u003cext4_on_lvm\u003e.mount\n\n... since systemd creates a cgroup for each slice which it mounts, and\nthe bh leak get amplified by a dying memory cgroup that also never\ngets freed, and memory consumption is much more easily noticed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47119",
"url": "https://www.suse.com/security/cve/CVE-2021-47119"
},
{
"category": "external",
"summary": "SUSE Bug 1221608 for CVE-2021-47119",
"url": "https://bugzilla.suse.com/1221608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47119"
},
{
"cve": "CVE-2021-47138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: avoid accessing registers when clearing filters\n\nHardware register having the server TID base can contain\ninvalid values when adapter is in bad state (for example,\ndue to AER fatal error). Reading these invalid values in the\nregister can lead to out-of-bound memory access. So, fix\nby using the saved server TID base when clearing filters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47138",
"url": "https://www.suse.com/security/cve/CVE-2021-47138"
},
{
"category": "external",
"summary": "SUSE Bug 1221934 for CVE-2021-47138",
"url": "https://bugzilla.suse.com/1221934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47138"
},
{
"cve": "CVE-2021-47141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: Add NULL pointer checks when freeing irqs.\n\nWhen freeing notification blocks, we index priv-\u003emsix_vectors.\nIf we failed to allocate priv-\u003emsix_vectors (see abort_with_msix_vectors)\nthis could lead to a NULL pointer dereference if the driver is unloaded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47141",
"url": "https://www.suse.com/security/cve/CVE-2021-47141"
},
{
"category": "external",
"summary": "SUSE Bug 1221949 for CVE-2021-47141",
"url": "https://bugzilla.suse.com/1221949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47141"
},
{
"cve": "CVE-2021-47142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a use-after-free\n\nlooks like we forget to set ttm-\u003esg to NULL.\nHit panic below\n\n[ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 1235.989074] Call Trace:\n[ 1235.991751] sg_free_table+0x17/0x20\n[ 1235.995667] amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu]\n[ 1236.002288] amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu]\n[ 1236.008464] ttm_tt_destroy+0x1e/0x30 [ttm]\n[ 1236.013066] ttm_bo_cleanup_memtype_use+0x51/0xa0 [ttm]\n[ 1236.018783] ttm_bo_release+0x262/0xa50 [ttm]\n[ 1236.023547] ttm_bo_put+0x82/0xd0 [ttm]\n[ 1236.027766] amdgpu_bo_unref+0x26/0x50 [amdgpu]\n[ 1236.032809] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu]\n[ 1236.040400] kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu]\n[ 1236.046912] kfd_ioctl+0x463/0x690 [amdgpu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47142",
"url": "https://www.suse.com/security/cve/CVE-2021-47142"
},
{
"category": "external",
"summary": "SUSE Bug 1221952 for CVE-2021-47142",
"url": "https://bugzilla.suse.com/1221952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47142"
},
{
"cve": "CVE-2021-47143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: remove device from smcd_dev_list after failed device_add()\n\nIf the device_add() for a smcd_dev fails, there\u0027s no cleanup step that\nrolls back the earlier list_add(). The device subsequently gets freed,\nand we end up with a corrupted list.\n\nAdd some error handling that removes the device from the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47143",
"url": "https://www.suse.com/security/cve/CVE-2021-47143"
},
{
"category": "external",
"summary": "SUSE Bug 1221988 for CVE-2021-47143",
"url": "https://bugzilla.suse.com/1221988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47143"
},
{
"cve": "CVE-2021-47146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmld: fix panic in mld_newpack()\n\nmld_newpack() doesn\u0027t allow to allocate high order page,\nonly order-0 allocation is allowed.\nIf headroom size is too large, a kernel panic could occur in skb_put().\n\nTest commands:\n ip netns del A\n ip netns del B\n ip netns add A\n ip netns add B\n ip link add veth0 type veth peer name veth1\n ip link set veth0 netns A\n ip link set veth1 netns B\n\n ip netns exec A ip link set lo up\n ip netns exec A ip link set veth0 up\n ip netns exec A ip -6 a a 2001:db8:0::1/64 dev veth0\n ip netns exec B ip link set lo up\n ip netns exec B ip link set veth1 up\n ip netns exec B ip -6 a a 2001:db8:0::2/64 dev veth1\n for i in {1..99}\n do\n let A=$i-1\n ip netns exec A ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::1 remote 2001:db8:$A::2 encaplimit 100\n ip netns exec A ip -6 a a 2001:db8:$i::1/64 dev ip6gre$i\n ip netns exec A ip link set ip6gre$i up\n\n ip netns exec B ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::2 remote 2001:db8:$A::1 encaplimit 100\n ip netns exec B ip -6 a a 2001:db8:$i::2/64 dev ip6gre$i\n ip netns exec B ip link set ip6gre$i up\n done\n\nSplat looks like:\nkernel BUG at net/core/skbuff.c:110!\ninvalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI\nCPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.12.0+ #891\nWorkqueue: ipv6_addrconf addrconf_dad_work\nRIP: 0010:skb_panic+0x15d/0x15f\nCode: 92 fe 4c 8b 4c 24 10 53 8b 4d 70 45 89 e0 48 c7 c7 00 ae 79 83\n41 57 41 56 41 55 48 8b 54 24 a6 26 f9 ff \u003c0f\u003e 0b 48 8b 6c 24 20 89\n34 24 e8 4a 4e 92 fe 8b 34 24 48 c7 c1 20\nRSP: 0018:ffff88810091f820 EFLAGS: 00010282\nRAX: 0000000000000089 RBX: ffff8881086e9000 RCX: 0000000000000000\nRDX: 0000000000000089 RSI: 0000000000000008 RDI: ffffed1020123efb\nRBP: ffff888005f6eac0 R08: ffffed1022fc0031 R09: ffffed1022fc0031\nR10: ffff888117e00187 R11: ffffed1022fc0030 R12: 0000000000000028\nR13: ffff888008284eb0 R14: 0000000000000ed8 R15: 0000000000000ec0\nFS: 0000000000000000(0000) GS:ffff888117c00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8b801c5640 CR3: 0000000033c2c006 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n skb_put.cold.104+0x22/0x22\n ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? rcu_read_lock_sched_held+0x91/0xc0\n mld_newpack+0x398/0x8f0\n ? ip6_mc_hdr.isra.26.constprop.46+0x600/0x600\n ? lock_contended+0xc40/0xc40\n add_grhead.isra.33+0x280/0x380\n add_grec+0x5ca/0xff0\n ? mld_sendpack+0xf40/0xf40\n ? lock_downgrade+0x690/0x690\n mld_send_initial_cr.part.34+0xb9/0x180\n ipv6_mc_dad_complete+0x15d/0x1b0\n addrconf_dad_completed+0x8d2/0xbb0\n ? lock_downgrade+0x690/0x690\n ? addrconf_rs_timer+0x660/0x660\n ? addrconf_dad_work+0x73c/0x10e0\n addrconf_dad_work+0x73c/0x10e0\n\nAllowing high order page allocation could fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47146",
"url": "https://www.suse.com/security/cve/CVE-2021-47146"
},
{
"category": "external",
"summary": "SUSE Bug 1221979 for CVE-2021-47146",
"url": "https://bugzilla.suse.com/1221979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47146"
},
{
"cve": "CVE-2021-47149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fujitsu: fix potential null-ptr-deref\n\nIn fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer\nderef. To fix this, check the return value of ioremap and return -1\nto the caller in case of failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47149",
"url": "https://www.suse.com/security/cve/CVE-2021-47149"
},
{
"category": "external",
"summary": "SUSE Bug 1221972 for CVE-2021-47149",
"url": "https://bugzilla.suse.com/1221972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47149"
},
{
"cve": "CVE-2021-47150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: fix the potential memory leak in fec_enet_init()\n\nIf the memory allocated for cbd_base is failed, it should\nfree the memory allocated for the queues, otherwise it causes\nmemory leak.\n\nAnd if the memory allocated for the queues is failed, it can\nreturn error directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47150",
"url": "https://www.suse.com/security/cve/CVE-2021-47150"
},
{
"category": "external",
"summary": "SUSE Bug 1221973 for CVE-2021-47150",
"url": "https://bugzilla.suse.com/1221973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47150"
},
{
"cve": "CVE-2021-47153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don\u0027t generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47153",
"url": "https://www.suse.com/security/cve/CVE-2021-47153"
},
{
"category": "external",
"summary": "SUSE Bug 1221969 for CVE-2021-47153",
"url": "https://bugzilla.suse.com/1221969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47153"
},
{
"cve": "CVE-2021-47159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix a crash if -\u003eget_sset_count() fails\n\nIf ds-\u003eops-\u003eget_sset_count() fails then it \"count\" is a negative error\ncode such as -EOPNOTSUPP. Because \"i\" is an unsigned int, the negative\nerror code is type promoted to a very high value and the loop will\ncorrupt memory until the system crashes.\n\nFix this by checking for error codes and changing the type of \"i\" to\njust int.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47159",
"url": "https://www.suse.com/security/cve/CVE-2021-47159"
},
{
"category": "external",
"summary": "SUSE Bug 1221967 for CVE-2021-47159",
"url": "https://bugzilla.suse.com/1221967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47159"
},
{
"cve": "CVE-2021-47161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-dspi: Fix a resource leak in an error handling path\n\n\u0027dspi_request_dma()\u0027 should be undone by a \u0027dspi_release_dma()\u0027 call in the\nerror handling path of the probe function, as already done in the remove\nfunction",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47161",
"url": "https://www.suse.com/security/cve/CVE-2021-47161"
},
{
"category": "external",
"summary": "SUSE Bug 1221966 for CVE-2021-47161",
"url": "https://bugzilla.suse.com/1221966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47161"
},
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: fix shutdown crash when component not probed\n\nWhen main component is not probed, by example when the dw-hdmi module is\nnot loaded yet or in probe defer, the following crash appears on shutdown:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\n...\npc : meson_drv_shutdown+0x24/0x50\nlr : platform_drv_shutdown+0x20/0x30\n...\nCall trace:\nmeson_drv_shutdown+0x24/0x50\nplatform_drv_shutdown+0x20/0x30\ndevice_shutdown+0x158/0x360\nkernel_restart_prepare+0x38/0x48\nkernel_restart+0x18/0x68\n__do_sys_reboot+0x224/0x250\n__arm64_sys_reboot+0x24/0x30\n...\n\nSimply check if the priv struct has been allocated before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47165",
"url": "https://www.suse.com/security/cve/CVE-2021-47165"
},
{
"category": "external",
"summary": "SUSE Bug 1221965 for CVE-2021-47165",
"url": "https://bugzilla.suse.com/1221965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47165"
},
{
"cve": "CVE-2021-47166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47166"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Don\u0027t corrupt the value of pg_bytes_written in nfs_do_recoalesce()\n\nThe value of mirror-\u003epg_bytes_written should only be updated after a\nsuccessful attempt to flush out the requests on the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47166",
"url": "https://www.suse.com/security/cve/CVE-2021-47166"
},
{
"category": "external",
"summary": "SUSE Bug 1221998 for CVE-2021-47166",
"url": "https://bugzilla.suse.com/1221998"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47166",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47166"
},
{
"cve": "CVE-2021-47167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47167"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix an Oopsable condition in __nfs_pageio_add_request()\n\nEnsure that nfs_pageio_error_cleanup() resets the mirror array contents,\nso that the structure reflects the fact that it is now empty.\nAlso change the test in nfs_pageio_do_add_request() to be more robust by\nchecking whether or not the list is empty rather than relying on the\nvalue of pg_count.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47167",
"url": "https://www.suse.com/security/cve/CVE-2021-47167"
},
{
"category": "external",
"summary": "SUSE Bug 1221991 for CVE-2021-47167",
"url": "https://bugzilla.suse.com/1221991"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47167",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47167"
},
{
"cve": "CVE-2021-47168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47168"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix an incorrect limit in filelayout_decode_layout()\n\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption. It should be NFS_MAXFHSIZE because that\u0027s the size\nof the -\u003edata[] buffer.\n\nI reversed the size of the arguments to put the variable on the left.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47168",
"url": "https://www.suse.com/security/cve/CVE-2021-47168"
},
{
"category": "external",
"summary": "SUSE Bug 1222002 for CVE-2021-47168",
"url": "https://bugzilla.suse.com/1222002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47168"
},
{
"cve": "CVE-2021-47169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47169"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: rp2: use \u0027request_firmware\u0027 instead of \u0027request_firmware_nowait\u0027\n\nIn \u0027rp2_probe\u0027, the driver registers \u0027rp2_uart_interrupt\u0027 then calls\n\u0027rp2_fw_cb\u0027 through \u0027request_firmware_nowait\u0027. In \u0027rp2_fw_cb\u0027, if the\nfirmware don\u0027t exists, function just return without initializing ports\nof \u0027rp2_card\u0027. But now the interrupt handler function has been\nregistered, and when an interrupt comes, \u0027rp2_uart_interrupt\u0027 may access\nthose ports then causing NULL pointer dereference or other bugs.\n\nBecause the driver does some initialization work in \u0027rp2_fw_cb\u0027, in\norder to make the driver ready to handle interrupts, \u0027request_firmware\u0027\nshould be used instead of asynchronous \u0027request_firmware_nowait\u0027.\n\nThis report reveals it:\n\nINFO: trying to register non-static key.\nthe code is fine but needs lockdep annotation.\nturning off the locking correctness validator.\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xec/0x156 lib/dump_stack.c:118\n assign_lock_key kernel/locking/lockdep.c:727 [inline]\n register_lock_class+0x14e5/0x1ba0 kernel/locking/lockdep.c:753\n __lock_acquire+0x187/0x3750 kernel/locking/lockdep.c:3303\n lock_acquire+0x124/0x340 kernel/locking/lockdep.c:3907\n __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]\n _raw_spin_lock+0x32/0x50 kernel/locking/spinlock.c:144\n spin_lock include/linux/spinlock.h:329 [inline]\n rp2_ch_interrupt drivers/tty/serial/rp2.c:466 [inline]\n rp2_asic_interrupt.isra.9+0x15d/0x990 drivers/tty/serial/rp2.c:493\n rp2_uart_interrupt+0x49/0xe0 drivers/tty/serial/rp2.c:504\n __handle_irq_event_percpu+0xfb/0x770 kernel/irq/handle.c:149\n handle_irq_event_percpu+0x79/0x150 kernel/irq/handle.c:189\n handle_irq_event+0xac/0x140 kernel/irq/handle.c:206\n handle_fasteoi_irq+0x232/0x5c0 kernel/irq/chip.c:725\n generic_handle_irq_desc include/linux/irqdesc.h:155 [inline]\n handle_irq+0x230/0x3a0 arch/x86/kernel/irq_64.c:87\n do_IRQ+0xa7/0x1e0 arch/x86/kernel/irq.c:247\n common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:670\n \u003c/IRQ\u003e\nRIP: 0010:native_safe_halt+0x28/0x30 arch/x86/include/asm/irqflags.h:61\nCode: 00 00 55 be 04 00 00 00 48 c7 c7 00 c2 2f 8c 48 89 e5 e8 fb 31 e7 f8\n8b 05 75 af 8d 03 85 c0 7e 07 0f 00 2d 8a 61 65 00 fb f4 \u003c5d\u003e c3 90 90 90\n90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41\nRSP: 0018:ffff88806b71fcc8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffde\nRAX: 0000000000000000 RBX: ffffffff8bde7e48 RCX: ffffffff88a21285\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8c2fc200\nRBP: ffff88806b71fcc8 R08: fffffbfff185f840 R09: fffffbfff185f840\nR10: 0000000000000001 R11: fffffbfff185f840 R12: 0000000000000002\nR13: ffffffff8bea18a0 R14: 0000000000000000 R15: 0000000000000000\n arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline]\n default_idle+0x6f/0x360 arch/x86/kernel/process.c:557\n arch_cpu_idle+0xf/0x20 arch/x86/kernel/process.c:548\n default_idle_call+0x3b/0x60 kernel/sched/idle.c:93\n cpuidle_idle_call kernel/sched/idle.c:153 [inline]\n do_idle+0x2ab/0x3c0 kernel/sched/idle.c:263\n cpu_startup_entry+0xcb/0xe0 kernel/sched/idle.c:369\n start_secondary+0x3b8/0x4e0 arch/x86/kernel/smpboot.c:271\n secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243\nBUG: unable to handle kernel NULL pointer dereference at 0000000000000010\nPGD 8000000056d27067 P4D 8000000056d27067 PUD 56d28067 PMD 0\nOops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nRIP: 0010:readl arch/x86/include/asm/io.h:59 [inline]\nRIP: 0010:rp2_ch_interrupt drivers/tty/serial/rp2.c:472 [inline]\nRIP: 0010:rp2_asic_interrupt.isra.9+0x181/0x990 drivers/tty/serial/rp2.c:\n493\nCo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47169",
"url": "https://www.suse.com/security/cve/CVE-2021-47169"
},
{
"category": "external",
"summary": "SUSE Bug 1222000 for CVE-2021-47169",
"url": "https://bugzilla.suse.com/1222000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47169"
},
{
"cve": "CVE-2021-47171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47171",
"url": "https://www.suse.com/security/cve/CVE-2021-47171"
},
{
"category": "external",
"summary": "SUSE Bug 1221994 for CVE-2021-47171",
"url": "https://bugzilla.suse.com/1221994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/uss720: fix memory leak in uss720_probe\n\nuss720_probe forgets to decrease the refcount of usbdev in uss720_probe.\nFix this by decreasing the refcount of usbdev by usb_put_dev.\n\nBUG: memory leak\nunreferenced object 0xffff888101113800 (size 2048):\n comm \"kworker/0:1\", pid 7, jiffies 4294956777 (age 28.870s)\n hex dump (first 32 bytes):\n ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1...........\n 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................\n backtrace:\n [\u003cffffffff82b8e822\u003e] kmalloc include/linux/slab.h:554 [inline]\n [\u003cffffffff82b8e822\u003e] kzalloc include/linux/slab.h:684 [inline]\n [\u003cffffffff82b8e822\u003e] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582\n [\u003cffffffff82b98441\u003e] hub_port_connect drivers/usb/core/hub.c:5129 [inline]\n [\u003cffffffff82b98441\u003e] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]\n [\u003cffffffff82b98441\u003e] port_event drivers/usb/core/hub.c:5509 [inline]\n [\u003cffffffff82b98441\u003e] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591\n [\u003cffffffff81259229\u003e] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275\n [\u003cffffffff81259b19\u003e] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421\n [\u003cffffffff81261228\u003e] kthread+0x178/0x1b0 kernel/kthread.c:292\n [\u003cffffffff8100227f\u003e] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47173",
"url": "https://www.suse.com/security/cve/CVE-2021-47173"
},
{
"category": "external",
"summary": "SUSE Bug 1221993 for CVE-2021-47173",
"url": "https://bugzilla.suse.com/1221993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47173"
},
{
"cve": "CVE-2021-47177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix sysfs leak in alloc_iommu()\n\niommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent\nerrors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47177",
"url": "https://www.suse.com/security/cve/CVE-2021-47177"
},
{
"category": "external",
"summary": "SUSE Bug 1221997 for CVE-2021-47177",
"url": "https://bugzilla.suse.com/1221997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47177"
},
{
"cve": "CVE-2021-47179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()\n\nCommit de144ff4234f changes _pnfs_return_layout() to call\npnfs_mark_matching_lsegs_return() passing NULL as the struct\npnfs_layout_range argument. Unfortunately,\npnfs_mark_matching_lsegs_return() doesn\u0027t check if we have a value here\nbefore dereferencing it, causing an oops.\n\nI\u0027m able to hit this crash consistently when running connectathon basic\ntests on NFS v4.1/v4.2 against Ontap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47179",
"url": "https://www.suse.com/security/cve/CVE-2021-47179"
},
{
"category": "external",
"summary": "SUSE Bug 1222001 for CVE-2021-47179",
"url": "https://bugzilla.suse.com/1222001"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47179",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47179"
},
{
"cve": "CVE-2021-47180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47180"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: fix memory leak in nci_allocate_device\n\nnfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev.\nFix this by freeing hci_dev in nci_free_device.\n\nBUG: memory leak\nunreferenced object 0xffff888111ea6800 (size 1024):\n comm \"kworker/1:0\", pid 19, jiffies 4294942308 (age 13.580s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 60 fd 0c 81 88 ff ff .........`......\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000004bc25d43\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c000000004bc25d43\u003e] kzalloc include/linux/slab.h:682 [inline]\n [\u003c000000004bc25d43\u003e] nci_hci_allocate+0x21/0xd0 net/nfc/nci/hci.c:784\n [\u003c00000000c59cff92\u003e] nci_allocate_device net/nfc/nci/core.c:1170 [inline]\n [\u003c00000000c59cff92\u003e] nci_allocate_device+0x10b/0x160 net/nfc/nci/core.c:1132\n [\u003c00000000006e0a8e\u003e] nfcmrvl_nci_register_dev+0x10a/0x1c0 drivers/nfc/nfcmrvl/main.c:153\n [\u003c000000004da1b57e\u003e] nfcmrvl_probe+0x223/0x290 drivers/nfc/nfcmrvl/usb.c:345\n [\u003c00000000d506aed9\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [\u003c00000000bc632c92\u003e] really_probe+0x159/0x4a0 drivers/base/dd.c:554\n [\u003c00000000f5009125\u003e] driver_probe_device+0x84/0x100 drivers/base/dd.c:740\n [\u003c000000000ce658ca\u003e] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846\n [\u003c000000007067d05f\u003e] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431\n [\u003c00000000f8e13372\u003e] __device_attach+0x122/0x250 drivers/base/dd.c:914\n [\u003c000000009cf68860\u003e] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491\n [\u003c00000000359c965a\u003e] device_add+0x5be/0xc30 drivers/base/core.c:3109\n [\u003c00000000086e4bd3\u003e] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164\n [\u003c00000000ca036872\u003e] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n [\u003c00000000d40d36f6\u003e] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293\n [\u003c00000000bc632c92\u003e] really_probe+0x159/0x4a0 drivers/base/dd.c:554",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47180",
"url": "https://www.suse.com/security/cve/CVE-2021-47180"
},
{
"category": "external",
"summary": "SUSE Bug 1221999 for CVE-2021-47180",
"url": "https://bugzilla.suse.com/1221999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47180"
},
{
"cve": "CVE-2021-47181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: tusb6010: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47181",
"url": "https://www.suse.com/security/cve/CVE-2021-47181"
},
{
"category": "external",
"summary": "SUSE Bug 1222660 for CVE-2021-47181",
"url": "https://bugzilla.suse.com/1222660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47181"
},
{
"cve": "CVE-2021-47182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47182"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix scsi_mode_sense() buffer length handling\n\nSeveral problems exist with scsi_mode_sense() buffer length handling:\n\n 1) The allocation length field of the MODE SENSE(10) command is 16-bits,\n occupying bytes 7 and 8 of the CDB. With this command, access to mode\n pages larger than 255 bytes is thus possible. However, the CDB\n allocation length field is set by assigning len to byte 8 only, thus\n truncating buffer length larger than 255.\n\n 2) If scsi_mode_sense() is called with len smaller than 8 with\n sdev-\u003euse_10_for_ms set, or smaller than 4 otherwise, the buffer length\n is increased to 8 and 4 respectively, and the buffer is zero filled\n with these increased values, thus corrupting the memory following the\n buffer.\n\nFix these 2 problems by using put_unaligned_be16() to set the allocation\nlength field of MODE SENSE(10) CDB and by returning an error when len is\ntoo small.\n\nFurthermore, if len is larger than 255B, always try MODE SENSE(10) first,\neven if the device driver did not set sdev-\u003euse_10_for_ms. In case of\ninvalid opcode error for MODE SENSE(10), access to mode pages larger than\n255 bytes are not retried using MODE SENSE(6). To avoid buffer length\noverflows for the MODE_SENSE(10) case, check that len is smaller than 65535\nbytes.\n\nWhile at it, also fix the folowing:\n\n * Use get_unaligned_be16() to retrieve the mode data length and block\n descriptor length fields of the mode sense reply header instead of using\n an open coded calculation.\n\n * Fix the kdoc dbd argument explanation: the DBD bit stands for Disable\n Block Descriptor, which is the opposite of what the dbd argument\n description was.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47182",
"url": "https://www.suse.com/security/cve/CVE-2021-47182"
},
{
"category": "external",
"summary": "SUSE Bug 1222662 for CVE-2021-47182",
"url": "https://bugzilla.suse.com/1222662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47182"
},
{
"cve": "CVE-2021-47183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix link down processing to address NULL pointer dereference\n\nIf an FC link down transition while PLOGIs are outstanding to fabric well\nknown addresses, outstanding ABTS requests may result in a NULL pointer\ndereference. Driver unload requests may hang with repeated \"2878\" log\nmessages.\n\nThe Link down processing results in ABTS requests for outstanding ELS\nrequests. The Abort WQEs are sent for the ELSs before the driver had set\nthe link state to down. Thus the driver is sending the Abort with the\nexpectation that an ABTS will be sent on the wire. The Abort request is\nstalled waiting for the link to come up. In some conditions the driver may\nauto-complete the ELSs thus if the link does come up, the Abort completions\nmay reference an invalid structure.\n\nFix by ensuring that Abort set the flag to avoid link traffic if issued due\nto conditions where the link failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47183",
"url": "https://www.suse.com/security/cve/CVE-2021-47183"
},
{
"category": "external",
"summary": "SUSE Bug 1222664 for CVE-2021-47183",
"url": "https://bugzilla.suse.com/1222664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47183"
},
{
"cve": "CVE-2021-47184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL ptr dereference on VSI filter sync\n\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that\u0027s causing a kernel oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47184",
"url": "https://www.suse.com/security/cve/CVE-2021-47184"
},
{
"category": "external",
"summary": "SUSE Bug 1222666 for CVE-2021-47184",
"url": "https://bugzilla.suse.com/1222666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47184"
},
{
"cve": "CVE-2021-47185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\n\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\n\n Workqueue: events_unbound flush_to_ldisc\n Call trace:\n dump_backtrace+0x0/0x1ec\n show_stack+0x24/0x30\n dump_stack+0xd0/0x128\n panic+0x15c/0x374\n watchdog_timer_fn+0x2b8/0x304\n __run_hrtimer+0x88/0x2c0\n __hrtimer_run_queues+0xa4/0x120\n hrtimer_interrupt+0xfc/0x270\n arch_timer_handler_phys+0x40/0x50\n handle_percpu_devid_irq+0x94/0x220\n __handle_domain_irq+0x88/0xf0\n gic_handle_irq+0x84/0xfc\n el1_irq+0xc8/0x180\n slip_unesc+0x80/0x214 [slip]\n tty_ldisc_receive_buf+0x64/0x80\n tty_port_default_receive_buf+0x50/0x90\n flush_to_ldisc+0xbc/0x110\n process_one_work+0x1d4/0x4b0\n worker_thread+0x180/0x430\n kthread+0x11c/0x120\n\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47185",
"url": "https://www.suse.com/security/cve/CVE-2021-47185"
},
{
"category": "external",
"summary": "SUSE Bug 1222669 for CVE-2021-47185",
"url": "https://bugzilla.suse.com/1222669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47185"
},
{
"cve": "CVE-2021-47188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Improve SCSI abort handling\n\nThe following has been observed on a test setup:\n\nWARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c\nCall trace:\n ufshcd_queuecommand+0x468/0x65c\n scsi_send_eh_cmnd+0x224/0x6a0\n scsi_eh_test_devices+0x248/0x418\n scsi_eh_ready_devs+0xc34/0xe58\n scsi_error_handler+0x204/0x80c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nThat warning is triggered by the following statement:\n\n\tWARN_ON(lrbp-\u003ecmd);\n\nFix this warning by clearing lrbp-\u003ecmd from the abort handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47188",
"url": "https://www.suse.com/security/cve/CVE-2021-47188"
},
{
"category": "external",
"summary": "SUSE Bug 1222671 for CVE-2021-47188",
"url": "https://bugzilla.suse.com/1222671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47189"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix memory ordering between normal and ordered work functions\n\nOrdered work functions aren\u0027t guaranteed to be handled by the same thread\nwhich executed the normal work functions. The only way execution between\nnormal/ordered functions is synchronized is via the WORK_DONE_BIT,\nunfortunately the used bitops don\u0027t guarantee any ordering whatsoever.\n\nThis manifested as seemingly inexplicable crashes on ARM64, where\nasync_chunk::inode is seen as non-null in async_cow_submit which causes\nsubmit_compressed_extents to be called and crash occurs because\nasync_chunk::inode suddenly became NULL. The call trace was similar to:\n\n pc : submit_compressed_extents+0x38/0x3d0\n lr : async_cow_submit+0x50/0xd0\n sp : ffff800015d4bc20\n\n \u003cregisters omitted for brevity\u003e\n\n Call trace:\n submit_compressed_extents+0x38/0x3d0\n async_cow_submit+0x50/0xd0\n run_ordered_work+0xc8/0x280\n btrfs_work_helper+0x98/0x250\n process_one_work+0x1f0/0x4ac\n worker_thread+0x188/0x504\n kthread+0x110/0x114\n ret_from_fork+0x10/0x18\n\nFix this by adding respective barrier calls which ensure that all\naccesses preceding setting of WORK_DONE_BIT are strictly ordered before\nsetting the flag. At the same time add a read barrier after reading of\nWORK_DONE_BIT in run_ordered_work which ensures all subsequent loads\nwould be strictly ordered after reading the bit. This in turn ensures\nare all accesses before WORK_DONE_BIT are going to be strictly ordered\nbefore any access that can occur in ordered_func.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47189",
"url": "https://www.suse.com/security/cve/CVE-2021-47189"
},
{
"category": "external",
"summary": "SUSE Bug 1222706 for CVE-2021-47189",
"url": "https://bugzilla.suse.com/1222706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47189"
},
{
"cve": "CVE-2021-47198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine\n\nAn error is detected with the following report when unloading the driver:\n \"KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b\"\n\nThe NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg_fab_ctrl_node(), but the\nflag is not cleared upon completion of the login.\n\nThis allows a second call to lpfc_unreg_rpi() to proceed with nlp_rpi set\nto LPFC_RPI_ALLOW_ERROR. This results in a use after free access when used\nas an rpi_ids array index.\n\nFix by clearing the NLP_REG_LOGIN_SEND nlp_flag in\nlpfc_mbx_cmpl_fc_reg_login().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47198",
"url": "https://www.suse.com/security/cve/CVE-2021-47198"
},
{
"category": "external",
"summary": "SUSE Bug 1222883 for CVE-2021-47198",
"url": "https://bugzilla.suse.com/1222883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47198"
},
{
"cve": "CVE-2021-47202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: Fix NULL pointer dereferences in of_thermal_ functions\n\nof_parse_thermal_zones() parses the thermal-zones node and registers a\nthermal_zone device for each subnode. However, if a thermal zone is\nconsuming a thermal sensor and that thermal sensor device hasn\u0027t probed\nyet, an attempt to set trip_point_*_temp for that thermal zone device\ncan cause a NULL pointer dereference. Fix it.\n\n console:/sys/class/thermal/thermal_zone87 # echo 120000 \u003e trip_point_0_temp\n ...\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ...\n Call trace:\n of_thermal_set_trip_temp+0x40/0xc4\n trip_point_temp_store+0xc0/0x1dc\n dev_attr_store+0x38/0x88\n sysfs_kf_write+0x64/0xc0\n kernfs_fop_write_iter+0x108/0x1d0\n vfs_write+0x2f4/0x368\n ksys_write+0x7c/0xec\n __arm64_sys_write+0x20/0x30\n el0_svc_common.llvm.7279915941325364641+0xbc/0x1bc\n do_el0_svc+0x28/0xa0\n el0_svc+0x14/0x24\n el0_sync_handler+0x88/0xec\n el0_sync+0x1c0/0x200\n\nWhile at it, fix the possible NULL pointer dereference in other\nfunctions as well: of_thermal_get_temp(), of_thermal_set_emul_temp(),\nof_thermal_get_trend().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47202",
"url": "https://www.suse.com/security/cve/CVE-2021-47202"
},
{
"category": "external",
"summary": "SUSE Bug 1222878 for CVE-2021-47202",
"url": "https://bugzilla.suse.com/1222878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47202"
},
{
"cve": "CVE-2021-47203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47203"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()\n\nWhen parsing the txq list in lpfc_drain_txq(), the driver attempts to pass\nthe requests to the adapter. If such an attempt fails, a local \"fail_msg\"\nstring is set and a log message output. The job is then added to a\ncompletions list for cancellation.\n\nProcessing of any further jobs from the txq list continues, but since\n\"fail_msg\" remains set, jobs are added to the completions list regardless\nof whether a wqe was passed to the adapter. If successfully added to\ntxcmplq, jobs are added to both lists resulting in list corruption.\n\nFix by clearing the fail_msg string after adding a job to the completions\nlist. This stops the subsequent jobs from being added to the completions\nlist unless they had an appropriate failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47203",
"url": "https://www.suse.com/security/cve/CVE-2021-47203"
},
{
"category": "external",
"summary": "SUSE Bug 1222881 for CVE-2021-47203",
"url": "https://bugzilla.suse.com/1222881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47203"
},
{
"cve": "CVE-2021-47204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dpaa2-eth: fix use-after-free in dpaa2_eth_remove\n\nAccess to netdev after free_netdev() will cause use-after-free bug.\nMove debug log before free_netdev() call to avoid it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47204",
"url": "https://www.suse.com/security/cve/CVE-2021-47204"
},
{
"category": "external",
"summary": "SUSE Bug 1222787 for CVE-2021-47204",
"url": "https://bugzilla.suse.com/1222787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47204"
},
{
"cve": "CVE-2021-47205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: Unregister clocks/resets when unbinding\n\nCurrently, unbinding a CCU driver unmaps the device\u0027s MMIO region, while\nleaving its clocks/resets and their providers registered. This can cause\na page fault later when some clock operation tries to perform MMIO. Fix\nthis by separating the CCU initialization from the memory allocation,\nand then using a devres callback to unregister the clocks and resets.\n\nThis also fixes a memory leak of the `struct ccu_reset`, and uses the\ncorrect owner (the specific platform driver) for the clocks and resets.\n\nEarly OF clock providers are never unregistered, and limited error\nhandling is possible, so they are mostly unchanged. The error reporting\nis made more consistent by moving the message inside of_sunxi_ccu_probe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47205",
"url": "https://www.suse.com/security/cve/CVE-2021-47205"
},
{
"category": "external",
"summary": "SUSE Bug 1222888 for CVE-2021-47205",
"url": "https://bugzilla.suse.com/1222888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47205"
},
{
"cve": "CVE-2021-47207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47207"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: gus: fix null pointer dereference on pointer block\n\nThe pointer block return from snd_gf1_dma_next_block could be\nnull, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47207",
"url": "https://www.suse.com/security/cve/CVE-2021-47207"
},
{
"category": "external",
"summary": "SUSE Bug 1222790 for CVE-2021-47207",
"url": "https://bugzilla.suse.com/1222790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47207"
},
{
"cve": "CVE-2021-47211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47211"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: fix null pointer dereference on pointer cs_desc\n\nThe pointer cs_desc return from snd_usb_find_clock_source could\nbe null, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47211",
"url": "https://www.suse.com/security/cve/CVE-2021-47211"
},
{
"category": "external",
"summary": "SUSE Bug 1222869 for CVE-2021-47211",
"url": "https://bugzilla.suse.com/1222869"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47211"
},
{
"cve": "CVE-2021-47216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: advansys: Fix kernel pointer leak\n\nPointers should be printed with %p or %px rather than cast to \u0027unsigned\nlong\u0027 and printed with %lx.\n\nChange %lx to %p to print the hashed pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47216",
"url": "https://www.suse.com/security/cve/CVE-2021-47216"
},
{
"category": "external",
"summary": "SUSE Bug 1222876 for CVE-2021-47216",
"url": "https://bugzilla.suse.com/1222876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47216"
},
{
"cve": "CVE-2021-47217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47217"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails\n\nCheck for a valid hv_vp_index array prior to derefencing hv_vp_index when\nsetting Hyper-V\u0027s TSC change callback. If Hyper-V setup failed in\nhyperv_init(), the kernel will still report that it\u0027s running under\nHyper-V, but will have silently disabled nearly all functionality.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 4 PID: 1 Comm: swapper/0 Not tainted 5.15.0-rc2+ #75\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:set_hv_tscchange_cb+0x15/0xa0\n Code: \u003c8b\u003e 04 82 8b 15 12 17 85 01 48 c1 e0 20 48 0d ee 00 01 00 f6 c6 08\n ...\n Call Trace:\n kvm_arch_init+0x17c/0x280\n kvm_init+0x31/0x330\n vmx_init+0xba/0x13a\n do_one_initcall+0x41/0x1c0\n kernel_init_freeable+0x1f2/0x23b\n kernel_init+0x16/0x120\n ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47217",
"url": "https://www.suse.com/security/cve/CVE-2021-47217"
},
{
"category": "external",
"summary": "SUSE Bug 1222836 for CVE-2021-47217",
"url": "https://bugzilla.suse.com/1222836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47217"
},
{
"cve": "CVE-2022-0487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0487"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0487",
"url": "https://www.suse.com/security/cve/CVE-2022-0487"
},
{
"category": "external",
"summary": "SUSE Bug 1194516 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1194516"
},
{
"category": "external",
"summary": "SUSE Bug 1195949 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1195949"
},
{
"category": "external",
"summary": "SUSE Bug 1198615 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1198615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2022-0487"
},
{
"cve": "CVE-2022-48619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48619"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48619",
"url": "https://www.suse.com/security/cve/CVE-2022-48619"
},
{
"category": "external",
"summary": "SUSE Bug 1218220 for CVE-2022-48619",
"url": "https://bugzilla.suse.com/1218220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48619"
},
{
"cve": "CVE-2022-48626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48626"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmoxart: fix potential use-after-free on remove path\n\nIt was reported that the mmc host structure could be accessed after it\nwas freed in moxart_remove(), so fix this by saving the base register of\nthe device and using it instead of the pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48626",
"url": "https://www.suse.com/security/cve/CVE-2022-48626"
},
{
"category": "external",
"summary": "SUSE Bug 1220366 for CVE-2022-48626",
"url": "https://bugzilla.suse.com/1220366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48626"
},
{
"cve": "CVE-2022-48636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu-\u003elock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu-\u003elock held.\n\nFix by checking the pavgroup pointer with lcu-\u003elock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48636",
"url": "https://www.suse.com/security/cve/CVE-2022-48636"
},
{
"category": "external",
"summary": "SUSE Bug 1223512 for CVE-2022-48636",
"url": "https://bugzilla.suse.com/1223512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48636"
},
{
"cve": "CVE-2022-48650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()\n\nCommit 8f394da36a36 (\"scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG\")\nmade the __qlt_24xx_handle_abts() function return early if\ntcm_qla2xxx_find_cmd_by_tag() didn\u0027t find a command, but it missed to clean\nup the allocated memory for the management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48650",
"url": "https://www.suse.com/security/cve/CVE-2022-48650"
},
{
"category": "external",
"summary": "SUSE Bug 1223509 for CVE-2022-48650",
"url": "https://bugzilla.suse.com/1223509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48650"
},
{
"cve": "CVE-2022-48651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48651",
"url": "https://www.suse.com/security/cve/CVE-2022-48651"
},
{
"category": "external",
"summary": "SUSE Bug 1223513 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "external",
"summary": "SUSE Bug 1223514 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2022-48651"
},
{
"cve": "CVE-2022-48667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in insert range\n\ninsert range doesn\u0027t discard the affected cached region\nso can risk temporarily corrupting file data.\n\nAlso includes some minor cleanup (avoiding rereading\ninode size repeatedly unnecessarily) to make it clearer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48667",
"url": "https://www.suse.com/security/cve/CVE-2022-48667"
},
{
"category": "external",
"summary": "SUSE Bug 1223518 for CVE-2022-48667",
"url": "https://bugzilla.suse.com/1223518"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48667"
},
{
"cve": "CVE-2022-48668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in collapse range\n\ncollapse range doesn\u0027t discard the affected cached region\nso can risk temporarily corrupting the file data. This\nfixes xfstest generic/031\n\nI also decided to merge a minor cleanup to this into the same patch\n(avoiding rereading inode size repeatedly unnecessarily) to make it\nclearer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48668",
"url": "https://www.suse.com/security/cve/CVE-2022-48668"
},
{
"category": "external",
"summary": "SUSE Bug 1223516 for CVE-2022-48668",
"url": "https://bugzilla.suse.com/1223516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48668"
},
{
"cve": "CVE-2022-48687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix out-of-bounds read when setting HMAC data.\n\nThe SRv6 layer allows defining HMAC data that can later be used to sign IPv6\nSegment Routing Headers. This configuration is realised via netlink through\nfour attributes: SEG6_ATTR_HMACKEYID, SEG6_ATTR_SECRET, SEG6_ATTR_SECRETLEN and\nSEG6_ATTR_ALGID. Because the SECRETLEN attribute is decoupled from the actual\nlength of the SECRET attribute, it is possible to provide invalid combinations\n(e.g., secret = \"\", secretlen = 64). This case is not checked in the code and\nwith an appropriately crafted netlink message, an out-of-bounds read of up\nto 64 bytes (max secret length) can occur past the skb end pointer and into\nskb_shared_info:\n\nBreakpoint 1, seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n208\t\tmemcpy(hinfo-\u003esecret, secret, slen);\n(gdb) bt\n #0 seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n #1 0xffffffff81e012e9 in genl_family_rcv_msg_doit (skb=skb@entry=0xffff88800b1f9f00, nlh=nlh@entry=0xffff88800b1b7600,\n extack=extack@entry=0xffffc90000ba7af0, ops=ops@entry=0xffffc90000ba7a80, hdrlen=4, net=0xffffffff84237580 \u003cinit_net\u003e, family=\u003coptimized out\u003e,\n family=\u003coptimized out\u003e) at net/netlink/genetlink.c:731\n #2 0xffffffff81e01435 in genl_family_rcv_msg (extack=0xffffc90000ba7af0, nlh=0xffff88800b1b7600, skb=0xffff88800b1f9f00,\n family=0xffffffff82fef6c0 \u003cseg6_genl_family\u003e) at net/netlink/genetlink.c:775\n #3 genl_rcv_msg (skb=0xffff88800b1f9f00, nlh=0xffff88800b1b7600, extack=0xffffc90000ba7af0) at net/netlink/genetlink.c:792\n #4 0xffffffff81dfffc3 in netlink_rcv_skb (skb=skb@entry=0xffff88800b1f9f00, cb=cb@entry=0xffffffff81e01350 \u003cgenl_rcv_msg\u003e)\n at net/netlink/af_netlink.c:2501\n #5 0xffffffff81e00919 in genl_rcv (skb=0xffff88800b1f9f00) at net/netlink/genetlink.c:803\n #6 0xffffffff81dff6ae in netlink_unicast_kernel (ssk=0xffff888010eec800, skb=0xffff88800b1f9f00, sk=0xffff888004aed000)\n at net/netlink/af_netlink.c:1319\n #7 netlink_unicast (ssk=ssk@entry=0xffff888010eec800, skb=skb@entry=0xffff88800b1f9f00, portid=portid@entry=0, nonblock=\u003coptimized out\u003e)\n at net/netlink/af_netlink.c:1345\n #8 0xffffffff81dff9a4 in netlink_sendmsg (sock=\u003coptimized out\u003e, msg=0xffffc90000ba7e48, len=\u003coptimized out\u003e) at net/netlink/af_netlink.c:1921\n...\n(gdb) p/x ((struct sk_buff *)0xffff88800b1f9f00)-\u003ehead + ((struct sk_buff *)0xffff88800b1f9f00)-\u003eend\n$1 = 0xffff88800b1b76c0\n(gdb) p/x secret\n$2 = 0xffff88800b1b76c0\n(gdb) p slen\n$3 = 64 \u0027@\u0027\n\nThe OOB data can then be read back from userspace by dumping HMAC state. This\ncommit fixes this by ensuring SECRETLEN cannot exceed the actual length of\nSECRET.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48687",
"url": "https://www.suse.com/security/cve/CVE-2022-48687"
},
{
"category": "external",
"summary": "SUSE Bug 1223952 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "external",
"summary": "SUSE Bug 1224043 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1224043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2022-48687"
},
{
"cve": "CVE-2022-48688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix kernel crash during module removal\n\nThe driver incorrectly frees client instance and subsequent\ni40e module removal leads to kernel crash.\n\nReproducer:\n1. Do ethtool offline test followed immediately by another one\nhost# ethtool -t eth0 offline; ethtool -t eth0 offline\n2. Remove recursively irdma module that also removes i40e module\nhost# modprobe -r irdma\n\nResult:\n[ 8675.035651] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.193774] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.201316] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.358921] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.496921] i40e 0000:3d:00.0: IRDMA hardware initialization FAILED init_state=2 status=-110\n[ 8686.188955] i40e 0000:3d:00.1: i40e_ptp_stop: removed PHC on eno2\n[ 8686.943890] i40e 0000:3d:00.1: Deleted LAN device PF1 bus=0x3d dev=0x00 func=0x01\n[ 8686.952669] i40e 0000:3d:00.0: i40e_ptp_stop: removed PHC on eno1\n[ 8687.761787] BUG: kernel NULL pointer dereference, address: 0000000000000030\n[ 8687.768755] #PF: supervisor read access in kernel mode\n[ 8687.773895] #PF: error_code(0x0000) - not-present page\n[ 8687.779034] PGD 0 P4D 0\n[ 8687.781575] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 8687.785935] CPU: 51 PID: 172891 Comm: rmmod Kdump: loaded Tainted: G W I 5.19.0+ #2\n[ 8687.794800] Hardware name: Intel Corporation S2600WFD/S2600WFD, BIOS SE5C620.86B.0X.02.0001.051420190324 05/14/2019\n[ 8687.805222] RIP: 0010:i40e_lan_del_device+0x13/0xb0 [i40e]\n[ 8687.810719] Code: d4 84 c0 0f 84 b8 25 01 00 e9 9c 25 01 00 41 bc f4 ff ff ff eb 91 90 0f 1f 44 00 00 41 54 55 53 48 8b 87 58 08 00 00 48 89 fb \u003c48\u003e 8b 68 30 48 89 ef e8 21 8a 0f d5 48 89 ef e8 a9 78 0f d5 48 8b\n[ 8687.829462] RSP: 0018:ffffa604072efce0 EFLAGS: 00010202\n[ 8687.834689] RAX: 0000000000000000 RBX: ffff8f43833b2000 RCX: 0000000000000000\n[ 8687.841821] RDX: 0000000000000000 RSI: ffff8f4b0545b298 RDI: ffff8f43833b2000\n[ 8687.848955] RBP: ffff8f43833b2000 R08: 0000000000000001 R09: 0000000000000000\n[ 8687.856086] R10: 0000000000000000 R11: 000ffffffffff000 R12: ffff8f43833b2ef0\n[ 8687.863218] R13: ffff8f43833b2ef0 R14: ffff915103966000 R15: ffff8f43833b2008\n[ 8687.870342] FS: 00007f79501c3740(0000) GS:ffff8f4adffc0000(0000) knlGS:0000000000000000\n[ 8687.878427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8687.884174] CR2: 0000000000000030 CR3: 000000014276e004 CR4: 00000000007706e0\n[ 8687.891306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 8687.898441] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 8687.905572] PKRU: 55555554\n[ 8687.908286] Call Trace:\n[ 8687.910737] \u003cTASK\u003e\n[ 8687.912843] i40e_remove+0x2c0/0x330 [i40e]\n[ 8687.917040] pci_device_remove+0x33/0xa0\n[ 8687.920962] device_release_driver_internal+0x1aa/0x230\n[ 8687.926188] driver_detach+0x44/0x90\n[ 8687.929770] bus_remove_driver+0x55/0xe0\n[ 8687.933693] pci_unregister_driver+0x2a/0xb0\n[ 8687.937967] i40e_exit_module+0xc/0xf48 [i40e]\n\nTwo offline tests cause IRDMA driver failure (ETIMEDOUT) and this\nfailure is indicated back to i40e_client_subtask() that calls\ni40e_client_del_instance() to free client instance referenced\nby pf-\u003ecinst and sets this pointer to NULL. During the module\nremoval i40e_remove() calls i40e_lan_del_device() that dereferences\npf-\u003ecinst that is NULL -\u003e crash.\nDo not remove client instance when client open callbacks fails and\njust clear __I40E_CLIENT_INSTANCE_OPENED bit. The driver also needs\nto take care about this situation (when netdev is up and client\nis NOT opened) in i40e_notify_client_of_netdev_close() and\ncalls client close callback only when __I40E_CLIENT_INSTANCE_OPENED\nis set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48688",
"url": "https://www.suse.com/security/cve/CVE-2022-48688"
},
{
"category": "external",
"summary": "SUSE Bug 1223953 for CVE-2022-48688",
"url": "https://bugzilla.suse.com/1223953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48688"
},
{
"cve": "CVE-2022-48695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix use-after-free warning\n\nFix the following use-after-free warning which is observed during\ncontroller reset:\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48695",
"url": "https://www.suse.com/security/cve/CVE-2022-48695"
},
{
"category": "external",
"summary": "SUSE Bug 1223941 for CVE-2022-48695",
"url": "https://bugzilla.suse.com/1223941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48695"
},
{
"cve": "CVE-2022-48701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()\n\nThere may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and\nthe number of it\u0027s interfaces less than 4, an out-of-bounds read bug occurs\nwhen parsing the interface descriptor for this device.\n\nFix this by checking the number of interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48701",
"url": "https://www.suse.com/security/cve/CVE-2022-48701"
},
{
"category": "external",
"summary": "SUSE Bug 1223921 for CVE-2022-48701",
"url": "https://bugzilla.suse.com/1223921"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "low"
}
],
"title": "CVE-2022-48701"
},
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-52454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length\n\nIf the host sends an H2CData command with an invalid DATAL,\nthe kernel may crash in nvmet_tcp_build_pdu_iovec().\n\nUnable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\nlr : nvmet_tcp_io_work+0x6ac/0x718 [nvmet_tcp]\nCall trace:\n process_one_work+0x174/0x3c8\n worker_thread+0x2d0/0x3e8\n kthread+0x104/0x110\n\nFix the bug by raising a fatal error if DATAL isn\u0027t coherent\nwith the packet size.\nAlso, the PDU length should never exceed the MAXH2CDATA parameter which\nhas been communicated to the host in nvmet_tcp_handle_icreq().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52454",
"url": "https://www.suse.com/security/cve/CVE-2023-52454"
},
{
"category": "external",
"summary": "SUSE Bug 1220320 for CVE-2023-52454",
"url": "https://bugzilla.suse.com/1220320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52454"
},
{
"cve": "CVE-2023-52469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/amd/pm: fix a use-after-free in kv_parse_power_table\n\nWhen ps allocated by kzalloc equals to NULL, kv_parse_power_table\nfrees adev-\u003epm.dpm.ps that allocated before. However, after the control\nflow goes through the following call chains:\n\nkv_parse_power_table\n |-\u003e kv_dpm_init\n |-\u003e kv_dpm_sw_init\n\t |-\u003e kv_dpm_fini\n\nThe adev-\u003epm.dpm.ps is used in the for loop of kv_dpm_fini after its\nfirst free in kv_parse_power_table and causes a use-after-free bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52469",
"url": "https://www.suse.com/security/cve/CVE-2023-52469"
},
{
"category": "external",
"summary": "SUSE Bug 1220411 for CVE-2023-52469",
"url": "https://bugzilla.suse.com/1220411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52469"
},
{
"cve": "CVE-2023-52470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\n\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52470",
"url": "https://www.suse.com/security/cve/CVE-2023-52470"
},
{
"category": "external",
"summary": "SUSE Bug 1220413 for CVE-2023-52470",
"url": "https://bugzilla.suse.com/1220413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52470"
},
{
"cve": "CVE-2023-52474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests\n\nhfi1 user SDMA request processing has two bugs that can cause data\ncorruption for user SDMA requests that have multiple payload iovecs\nwhere an iovec other than the tail iovec does not run up to the page\nboundary for the buffer pointed to by that iovec.a\n\nHere are the specific bugs:\n1. user_sdma_txadd() does not use struct user_sdma_iovec-\u003eiov.iov_len.\n Rather, user_sdma_txadd() will add up to PAGE_SIZE bytes from iovec\n to the packet, even if some of those bytes are past\n iovec-\u003eiov.iov_len and are thus not intended to be in the packet.\n2. user_sdma_txadd() and user_sdma_send_pkts() fail to advance to the\n next iovec in user_sdma_request-\u003eiovs when the current iovec\n is not PAGE_SIZE and does not contain enough data to complete the\n packet. The transmitted packet will contain the wrong data from the\n iovec pages.\n\nThis has not been an issue with SDMA packets from hfi1 Verbs or PSM2\nbecause they only produce iovecs that end short of PAGE_SIZE as the tail\niovec of an SDMA request.\n\nFixing these bugs exposes other bugs with the SDMA pin cache\n(struct mmu_rb_handler) that get in way of supporting user SDMA requests\nwith multiple payload iovecs whose buffers do not end at PAGE_SIZE. So\nthis commit fixes those issues as well.\n\nHere are the mmu_rb_handler bugs that non-PAGE_SIZE-end multi-iovec\npayload user SDMA requests can hit:\n1. Overlapping memory ranges in mmu_rb_handler will result in duplicate\n pinnings.\n2. When extending an existing mmu_rb_handler entry (struct mmu_rb_node),\n the mmu_rb code (1) removes the existing entry under a lock, (2)\n releases that lock, pins the new pages, (3) then reacquires the lock\n to insert the extended mmu_rb_node.\n\n If someone else comes in and inserts an overlapping entry between (2)\n and (3), insert in (3) will fail.\n\n The failure path code in this case unpins _all_ pages in either the\n original mmu_rb_node or the new mmu_rb_node that was inserted between\n (2) and (3).\n3. In hfi1_mmu_rb_remove_unless_exact(), mmu_rb_node-\u003erefcount is\n incremented outside of mmu_rb_handler-\u003elock. As a result, mmu_rb_node\n could be evicted by another thread that gets mmu_rb_handler-\u003elock and\n checks mmu_rb_node-\u003erefcount before mmu_rb_node-\u003erefcount is\n incremented.\n4. Related to #2 above, SDMA request submission failure path does not\n check mmu_rb_node-\u003erefcount before freeing mmu_rb_node object.\n\n If there are other SDMA requests in progress whose iovecs have\n pointers to the now-freed mmu_rb_node(s), those pointers to the\n now-freed mmu_rb nodes will be dereferenced when those SDMA requests\n complete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52474",
"url": "https://www.suse.com/security/cve/CVE-2023-52474"
},
{
"category": "external",
"summary": "SUSE Bug 1220445 for CVE-2023-52474",
"url": "https://bugzilla.suse.com/1220445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52474"
},
{
"cve": "CVE-2023-52476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/lbr: Filter vsyscall addresses\n\nWe found that a panic can occur when a vsyscall is made while LBR sampling\nis active. If the vsyscall is interrupted (NMI) for perf sampling, this\ncall sequence can occur (most recent at top):\n\n __insn_get_emulate_prefix()\n insn_get_emulate_prefix()\n insn_get_prefixes()\n insn_get_opcode()\n decode_branch_type()\n get_branch_type()\n intel_pmu_lbr_filter()\n intel_pmu_handle_irq()\n perf_event_nmi_handler()\n\nWithin __insn_get_emulate_prefix() at frame 0, a macro is called:\n\n peek_nbyte_next(insn_byte_t, insn, i)\n\nWithin this macro, this dereference occurs:\n\n (insn)-\u003enext_byte\n\nInspecting registers at this point, the value of the next_byte field is the\naddress of the vsyscall made, for example the location of the vsyscall\nversion of gettimeofday() at 0xffffffffff600000. The access to an address\nin the vsyscall region will trigger an oops due to an unhandled page fault.\n\nTo fix the bug, filtering for vsyscalls can be done when\ndetermining the branch type. This patch will return\na \"none\" branch if a kernel address if found to lie in the\nvsyscall region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52476",
"url": "https://www.suse.com/security/cve/CVE-2023-52476"
},
{
"category": "external",
"summary": "SUSE Bug 1220703 for CVE-2023-52476",
"url": "https://bugzilla.suse.com/1220703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52476"
},
{
"cve": "CVE-2023-52477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: hub: Guard against accesses to uninitialized BOS descriptors\n\nMany functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h\naccess fields inside udev-\u003ebos without checking if it was allocated and\ninitialized. If usb_get_bos_descriptor() fails for whatever\nreason, udev-\u003ebos will be NULL and those accesses will result in a\ncrash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000018\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 5 PID: 17818 Comm: kworker/5:1 Tainted: G W 5.15.108-18910-gab0e1cb584e1 #1 \u003cHASH:1f9e 1\u003e\nHardware name: Google Kindred/Kindred, BIOS Google_Kindred.12672.413.0 02/03/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:hub_port_reset+0x193/0x788\nCode: 89 f7 e8 20 f7 15 00 48 8b 43 08 80 b8 96 03 00 00 03 75 36 0f b7 88 92 03 00 00 81 f9 10 03 00 00 72 27 48 8b 80 a8 03 00 00 \u003c48\u003e 83 78 18 00 74 19 48 89 df 48 8b 75 b0 ba 02 00 00 00 4c 89 e9\nRSP: 0018:ffffab740c53fcf8 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffa1bc5f678000 RCX: 0000000000000310\nRDX: fffffffffffffdff RSI: 0000000000000286 RDI: ffffa1be9655b840\nRBP: ffffab740c53fd70 R08: 00001b7d5edaa20c R09: ffffffffb005e060\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: ffffab740c53fd3e R14: 0000000000000032 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffffa1be96540000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000018 CR3: 000000022e80c005 CR4: 00000000003706e0\nCall Trace:\nhub_event+0x73f/0x156e\n? hub_activate+0x5b7/0x68f\nprocess_one_work+0x1a2/0x487\nworker_thread+0x11a/0x288\nkthread+0x13a/0x152\n? process_one_work+0x487/0x487\n? kthread_associate_blkcg+0x70/0x70\nret_from_fork+0x1f/0x30\n\nFall back to a default behavior if the BOS descriptor isn\u0027t accessible\nand skip all the functionalities that depend on it: LPM support checks,\nSuper Speed capabilitiy checks, U1/U2 states setup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52477",
"url": "https://www.suse.com/security/cve/CVE-2023-52477"
},
{
"category": "external",
"summary": "SUSE Bug 1220790 for CVE-2023-52477",
"url": "https://bugzilla.suse.com/1220790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52477"
},
{
"cve": "CVE-2023-52486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52486"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Don\u0027t unref the same fb many times by mistake due to deadlock handling\n\nIf we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl()\nwe proceed to unref the fb and then retry the whole thing from the top.\nBut we forget to reset the fb pointer back to NULL, and so if we then\nget another error during the retry, before the fb lookup, we proceed\nthe unref the same fb again without having gotten another reference.\nThe end result is that the fb will (eventually) end up being freed\nwhile it\u0027s still in use.\n\nReset fb to NULL once we\u0027ve unreffed it to avoid doing it again\nuntil we\u0027ve done another fb lookup.\n\nThis turned out to be pretty easy to hit on a DG2 when doing async\nflips (and CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y). The first symptom I\nsaw that drm_closefb() simply got stuck in a busy loop while walking\nthe framebuffer list. Fortunately I was able to convince it to oops\ninstead, and from there it was easier to track down the culprit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52486",
"url": "https://www.suse.com/security/cve/CVE-2023-52486"
},
{
"category": "external",
"summary": "SUSE Bug 1221277 for CVE-2023-52486",
"url": "https://bugzilla.suse.com/1221277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52486"
},
{
"cve": "CVE-2023-52488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO\n\nThe SC16IS7XX IC supports a burst mode to access the FIFOs where the\ninitial register address is sent ($00), followed by all the FIFO data\nwithout having to resend the register address each time. In this mode, the\nIC doesn\u0027t increment the register address for each R/W byte.\n\nThe regmap_raw_read() and regmap_raw_write() are functions which can\nperform IO over multiple registers. They are currently used to read/write\nfrom/to the FIFO, and although they operate correctly in this burst mode on\nthe SPI bus, they would corrupt the regmap cache if it was not disabled\nmanually. The reason is that when the R/W size is more than 1 byte, these\nfunctions assume that the register address is incremented and handle the\ncache accordingly.\n\nConvert FIFO R/W functions to use the regmap _noinc_ versions in order to\nremove the manual cache control which was a workaround when using the\n_raw_ versions. FIFO registers are properly declared as volatile so\ncache will not be used/updated for FIFO accesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52488",
"url": "https://www.suse.com/security/cve/CVE-2023-52488"
},
{
"category": "external",
"summary": "SUSE Bug 1221162 for CVE-2023-52488",
"url": "https://bugzilla.suse.com/1221162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52488"
},
{
"cve": "CVE-2023-52509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nravb: Fix use-after-free issue in ravb_tx_timeout_work()\n\nThe ravb_stop() should call cancel_work_sync(). Otherwise,\nravb_tx_timeout_work() is possible to use the freed priv after\nravb_remove() was called like below:\n\nCPU0\t\t\tCPU1\n\t\t\travb_tx_timeout()\nravb_remove()\nunregister_netdev()\nfree_netdev(ndev)\n// free priv\n\t\t\travb_tx_timeout_work()\n\t\t\t// use priv\n\nunregister_netdev() will call .ndo_stop() so that ravb_stop() is\ncalled. And, after phy_stop() is called, netif_carrier_off()\nis also called. So that .ndo_tx_timeout() will not be called\nafter phy_stop().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52509",
"url": "https://www.suse.com/security/cve/CVE-2023-52509"
},
{
"category": "external",
"summary": "SUSE Bug 1220836 for CVE-2023-52509",
"url": "https://bugzilla.suse.com/1220836"
},
{
"category": "external",
"summary": "SUSE Bug 1223290 for CVE-2023-52509",
"url": "https://bugzilla.suse.com/1223290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2023-52509"
},
{
"cve": "CVE-2023-52515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srp: Do not call scsi_done() from srp_abort()\n\nAfter scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler\ncallback, it performs one of the following actions:\n* Call scsi_queue_insert().\n* Call scsi_finish_command().\n* Call scsi_eh_scmd_add().\nHence, SCSI abort handlers must not call scsi_done(). Otherwise all\nthe above actions would trigger a use-after-free. Hence remove the\nscsi_done() call from srp_abort(). Keep the srp_free_req() call\nbefore returning SUCCESS because we may not see the command again if\nSUCCESS is returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52515",
"url": "https://www.suse.com/security/cve/CVE-2023-52515"
},
{
"category": "external",
"summary": "SUSE Bug 1221048 for CVE-2023-52515",
"url": "https://bugzilla.suse.com/1221048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52515"
},
{
"cve": "CVE-2023-52524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: llcp: Add lock when modifying device list\n\nThe device list needs its associated lock held when modifying it, or the\nlist could become corrupted, as syzbot discovered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52524",
"url": "https://www.suse.com/security/cve/CVE-2023-52524"
},
{
"category": "external",
"summary": "SUSE Bug 1220927 for CVE-2023-52524",
"url": "https://bugzilla.suse.com/1220927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52524"
},
{
"cve": "CVE-2023-52528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg\n\nsyzbot reported the following uninit-value access issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\nBUG: KMSAN: uninit-value in smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\nCPU: 0 PID: 8696 Comm: kworker/0:3 Not tainted 5.8.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x21c/0x280 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\n smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\n usbnet_probe+0x1152/0x3f90 drivers/net/usb/usbnet.c:1737\n usb_probe_interface+0xece/0x1550 drivers/usb/core/driver.c:374\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_set_configuration+0x380f/0x3f10 drivers/usb/core/message.c:2032\n usb_generic_driver_probe+0x138/0x300 drivers/usb/core/generic.c:241\n usb_probe_device+0x311/0x490 drivers/usb/core/driver.c:272\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_new_device+0x1bd4/0x2a30 drivers/usb/core/hub.c:2554\n hub_port_connect drivers/usb/core/hub.c:5208 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]\n port_event drivers/usb/core/hub.c:5494 [inline]\n hub_event+0x5e7b/0x8a70 drivers/usb/core/hub.c:5576\n process_one_work+0x1688/0x2140 kernel/workqueue.c:2269\n worker_thread+0x10bc/0x2730 kernel/workqueue.c:2415\n kthread+0x551/0x590 kernel/kthread.c:292\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293\n\nLocal variable ----buf.i87@smsc75xx_bind created at:\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n\nThis issue is caused because usbnet_read_cmd() reads less bytes than requested\n(zero byte in the reproducer). In this case, \u0027buf\u0027 is not properly filled.\n\nThis patch fixes the issue by returning -ENODATA if usbnet_read_cmd() reads\nless bytes than requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52528",
"url": "https://www.suse.com/security/cve/CVE-2023-52528"
},
{
"category": "external",
"summary": "SUSE Bug 1220843 for CVE-2023-52528",
"url": "https://bugzilla.suse.com/1220843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52528"
},
{
"cve": "CVE-2023-52575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52575"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52575",
"url": "https://www.suse.com/security/cve/CVE-2023-52575"
},
{
"category": "external",
"summary": "SUSE Bug 1220871 for CVE-2023-52575",
"url": "https://bugzilla.suse.com/1220871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52575"
},
{
"cve": "CVE-2023-52583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix deadlock or deadcode of misusing dget()\n\nThe lock order is incorrect between denty and its parent, we should\nalways make sure that the parent get the lock first.\n\nBut since this deadcode is never used and the parent dir will always\nbe set from the callers, let\u0027s just remove it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52583",
"url": "https://www.suse.com/security/cve/CVE-2023-52583"
},
{
"category": "external",
"summary": "SUSE Bug 1221058 for CVE-2023-52583",
"url": "https://bugzilla.suse.com/1221058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52583"
},
{
"cve": "CVE-2023-52587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/ipoib: Fix mcast list locking\n\nReleasing the `priv-\u003elock` while iterating the `priv-\u003emulticast_list` in\n`ipoib_mcast_join_task()` opens a window for `ipoib_mcast_dev_flush()` to\nremove the items while in the middle of iteration. If the mcast is removed\nwhile the lock was dropped, the for loop spins forever resulting in a hard\nlockup (as was reported on RHEL 4.18.0-372.75.1.el8_6 kernel):\n\n Task A (kworker/u72:2 below) | Task B (kworker/u72:0 below)\n -----------------------------------+-----------------------------------\n ipoib_mcast_join_task(work) | ipoib_ib_dev_flush_light(work)\n spin_lock_irq(\u0026priv-\u003elock) | __ipoib_ib_dev_flush(priv, ...)\n list_for_each_entry(mcast, | ipoib_mcast_dev_flush(dev = priv-\u003edev)\n \u0026priv-\u003emulticast_list, list) |\n ipoib_mcast_join(dev, mcast) |\n spin_unlock_irq(\u0026priv-\u003elock) |\n | spin_lock_irqsave(\u0026priv-\u003elock, flags)\n | list_for_each_entry_safe(mcast, tmcast,\n | \u0026priv-\u003emulticast_list, list)\n | list_del(\u0026mcast-\u003elist);\n | list_add_tail(\u0026mcast-\u003elist, \u0026remove_list)\n | spin_unlock_irqrestore(\u0026priv-\u003elock, flags)\n spin_lock_irq(\u0026priv-\u003elock) |\n | ipoib_mcast_remove_list(\u0026remove_list)\n (Here, `mcast` is no longer on the | list_for_each_entry_safe(mcast, tmcast,\n `priv-\u003emulticast_list` and we keep | remove_list, list)\n spinning on the `remove_list` of | \u003e\u003e\u003e wait_for_completion(\u0026mcast-\u003edone)\n the other thread which is blocked |\n and the list is still valid on |\n it\u0027s stack.)\n\nFix this by keeping the lock held and changing to GFP_ATOMIC to prevent\neventual sleeps.\nUnfortunately we could not reproduce the lockup and confirm this fix but\nbased on the code review I think this fix should address such lockups.\n\ncrash\u003e bc 31\nPID: 747 TASK: ff1c6a1a007e8000 CPU: 31 COMMAND: \"kworker/u72:2\"\n--\n [exception RIP: ipoib_mcast_join_task+0x1b1]\n RIP: ffffffffc0944ac1 RSP: ff646f199a8c7e00 RFLAGS: 00000002\n RAX: 0000000000000000 RBX: ff1c6a1a04dc82f8 RCX: 0000000000000000\n work (\u0026priv-\u003emcast_task{,.work})\n RDX: ff1c6a192d60ac68 RSI: 0000000000000286 RDI: ff1c6a1a04dc8000\n \u0026mcast-\u003elist\n RBP: ff646f199a8c7e90 R8: ff1c699980019420 R9: ff1c6a1920c9a000\n R10: ff646f199a8c7e00 R11: ff1c6a191a7d9800 R12: ff1c6a192d60ac00\n mcast\n R13: ff1c6a1d82200000 R14: ff1c6a1a04dc8000 R15: ff1c6a1a04dc82d8\n dev priv (\u0026priv-\u003elock) \u0026priv-\u003emulticast_list (aka head)\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n--- \u003cNMI exception stack\u003e ---\n #5 [ff646f199a8c7e00] ipoib_mcast_join_task+0x1b1 at ffffffffc0944ac1 [ib_ipoib]\n #6 [ff646f199a8c7e98] process_one_work+0x1a7 at ffffffff9bf10967\n\ncrash\u003e rx ff646f199a8c7e68\nff646f199a8c7e68: ff1c6a1a04dc82f8 \u003c\u003c\u003c work = \u0026priv-\u003emcast_task.work\n\ncrash\u003e list -hO ipoib_dev_priv.multicast_list ff1c6a1a04dc8000\n(empty)\n\ncrash\u003e ipoib_dev_priv.mcast_task.work.func,mcast_mutex.owner.counter ff1c6a1a04dc8000\n mcast_task.work.func = 0xffffffffc0944910 \u003cipoib_mcast_join_task\u003e,\n mcast_mutex.owner.counter = 0xff1c69998efec000\n\ncrash\u003e b 8\nPID: 8 TASK: ff1c69998efec000 CPU: 33 COMMAND: \"kworker/u72:0\"\n--\n #3 [ff646f1980153d50] wait_for_completion+0x96 at ffffffff9c7d7646\n #4 [ff646f1980153d90] ipoib_mcast_remove_list+0x56 at ffffffffc0944dc6 [ib_ipoib]\n #5 [ff646f1980153de8] ipoib_mcast_dev_flush+0x1a7 at ffffffffc09455a7 [ib_ipoib]\n #6 [ff646f1980153e58] __ipoib_ib_dev_flush+0x1a4 at ffffffffc09431a4 [ib_ipoib]\n #7 [ff\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52587",
"url": "https://www.suse.com/security/cve/CVE-2023-52587"
},
{
"category": "external",
"summary": "SUSE Bug 1221082 for CVE-2023-52587",
"url": "https://bugzilla.suse.com/1221082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52587"
},
{
"cve": "CVE-2023-52590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change ocfs2 rename code to avoid touching renamed directory if\nits parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52590",
"url": "https://www.suse.com/security/cve/CVE-2023-52590"
},
{
"category": "external",
"summary": "SUSE Bug 1221088 for CVE-2023-52590",
"url": "https://bugzilla.suse.com/1221088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52590"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rt2x00: restart beacon queue when hardware reset\n\nWhen a hardware reset is triggered, all registers are reset, so all\nqueues are forced to stop in hardware interface. However, mac80211\nwill not automatically stop the queue. If we don\u0027t manually stop the\nbeacon queue, the queue will be deadlocked and unable to start again.\nThis patch fixes the issue where Apple devices cannot connect to the\nAP after calling ieee80211_restart_hw().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52595",
"url": "https://www.suse.com/security/cve/CVE-2023-52595"
},
{
"category": "external",
"summary": "SUSE Bug 1221046 for CVE-2023-52595",
"url": "https://bugzilla.suse.com/1221046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52595"
},
{
"cve": "CVE-2023-52598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ptrace: handle setting of fpc register correctly\n\nIf the content of the floating point control (fpc) register of a traced\nprocess is modified with the ptrace interface the new value is tested for\nvalidity by temporarily loading it into the fpc register.\n\nThis may lead to corruption of the fpc register of the tracing process:\nif an interrupt happens while the value is temporarily loaded into the\nfpc register, and within interrupt context floating point or vector\nregisters are used, the current fp/vx registers are saved with\nsave_fpu_regs() assuming they belong to user space and will be loaded into\nfp/vx registers when returning to user space.\n\ntest_fp_ctl() restores the original user space fpc register value, however\nit will be discarded, when returning to user space.\n\nIn result the tracer will incorrectly continue to run with the value that\nwas supposed to be used for the traced process.\n\nFix this by saving fpu register contents with save_fpu_regs() before using\ntest_fp_ctl().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52598",
"url": "https://www.suse.com/security/cve/CVE-2023-52598"
},
{
"category": "external",
"summary": "SUSE Bug 1221060 for CVE-2023-52598",
"url": "https://bugzilla.suse.com/1221060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52598"
},
{
"cve": "CVE-2023-52607",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52607"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/mm: Fix null-pointer dereference in pgtable_cache_add\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52607",
"url": "https://www.suse.com/security/cve/CVE-2023-52607"
},
{
"category": "external",
"summary": "SUSE Bug 1221061 for CVE-2023-52607",
"url": "https://bugzilla.suse.com/1221061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52607"
},
{
"cve": "CVE-2023-52614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don\u0027t have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52614",
"url": "https://www.suse.com/security/cve/CVE-2023-52614"
},
{
"category": "external",
"summary": "SUSE Bug 1221617 for CVE-2023-52614",
"url": "https://bugzilla.suse.com/1221617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52614"
},
{
"cve": "CVE-2023-52620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52620"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow timeout for anonymous sets\n\nNever used from userspace, disallow these parameters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52620",
"url": "https://www.suse.com/security/cve/CVE-2023-52620"
},
{
"category": "external",
"summary": "SUSE Bug 1221825 for CVE-2023-52620",
"url": "https://bugzilla.suse.com/1221825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52620"
},
{
"cve": "CVE-2023-52628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52628"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nftables: exthdr: fix 4-byte stack OOB write\n\nIf priv-\u003elen is a multiple of 4, then dst[len / 4] can write past\nthe destination array which leads to stack corruption.\n\nThis construct is necessary to clean the remainder of the register\nin case -\u003elen is NOT a multiple of the register size, so make it\nconditional just like nft_payload.c does.\n\nThe bug was added in 4.1 cycle and then copied/inherited when\ntcp/sctp and ip option support was added.\n\nBug reported by Zero Day Initiative project (ZDI-CAN-21950,\nZDI-CAN-21951, ZDI-CAN-21961).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52628",
"url": "https://www.suse.com/security/cve/CVE-2023-52628"
},
{
"category": "external",
"summary": "SUSE Bug 1222117 for CVE-2023-52628",
"url": "https://bugzilla.suse.com/1222117"
},
{
"category": "external",
"summary": "SUSE Bug 1222118 for CVE-2023-52628",
"url": "https://bugzilla.suse.com/1222118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2023-52628"
},
{
"cve": "CVE-2023-52635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Synchronize devfreq_monitor_[start/stop]\n\nThere is a chance if a frequent switch of the governor\ndone in a loop result in timer list corruption where\ntimer cancel being done from two place one from\ncancel_delayed_work_sync() and followed by expire_timers()\ncan be seen from the traces[1].\n\nwhile true\ndo\n echo \"simple_ondemand\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\n echo \"performance\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\ndone\n\nIt looks to be issue with devfreq driver where\ndevice_monitor_[start/stop] need to synchronized so that\ndelayed work should get corrupted while it is either\nbeing queued or running or being cancelled.\n\nLet\u0027s use polling flag and devfreq lock to synchronize the\nqueueing the timer instance twice and work data being\ncorrupted.\n\n[1]\n...\n..\n\u003cidle\u003e-0 [003] 9436.209662: timer_cancel timer=0xffffff80444f0428\n\u003cidle\u003e-0 [003] 9436.209664: timer_expire_entry timer=0xffffff80444f0428 now=0x10022da1c function=__typeid__ZTSFvP10timer_listE_global_addr baseclk=0x10022da1c\n\u003cidle\u003e-0 [003] 9436.209718: timer_expire_exit timer=0xffffff80444f0428\nkworker/u16:6-14217 [003] 9436.209863: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2b now=0x10022da1c flags=182452227\nvendor.xxxyyy.ha-1593 [004] 9436.209888: timer_cancel timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216390: timer_init timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216392: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2c now=0x10022da1d flags=186646532\nvendor.xxxyyy.ha-1593 [005] 9436.220992: timer_cancel timer=0xffffff80444f0428\nxxxyyyTraceManag-7795 [004] 9436.261641: timer_cancel timer=0xffffff80444f0428\n\n[2]\n\n 9436.261653][ C4] Unable to handle kernel paging request at virtual address dead00000000012a\n[ 9436.261664][ C4] Mem abort info:\n[ 9436.261666][ C4] ESR = 0x96000044\n[ 9436.261669][ C4] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 9436.261671][ C4] SET = 0, FnV = 0\n[ 9436.261673][ C4] EA = 0, S1PTW = 0\n[ 9436.261675][ C4] Data abort info:\n[ 9436.261677][ C4] ISV = 0, ISS = 0x00000044\n[ 9436.261680][ C4] CM = 0, WnR = 1\n[ 9436.261682][ C4] [dead00000000012a] address between user and kernel address ranges\n[ 9436.261685][ C4] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 9436.261701][ C4] Skip md ftrace buffer dump for: 0x3a982d0\n...\n\n[ 9436.262138][ C4] CPU: 4 PID: 7795 Comm: TraceManag Tainted: G S W O 5.10.149-android12-9-o-g17f915d29d0c #1\n[ 9436.262141][ C4] Hardware name: Qualcomm Technologies, Inc. (DT)\n[ 9436.262144][ C4] pstate: 22400085 (nzCv daIf +PAN -UAO +TCO BTYPE=--)\n[ 9436.262161][ C4] pc : expire_timers+0x9c/0x438\n[ 9436.262164][ C4] lr : expire_timers+0x2a4/0x438\n[ 9436.262168][ C4] sp : ffffffc010023dd0\n[ 9436.262171][ C4] x29: ffffffc010023df0 x28: ffffffd0636fdc18\n[ 9436.262178][ C4] x27: ffffffd063569dd0 x26: ffffffd063536008\n[ 9436.262182][ C4] x25: 0000000000000001 x24: ffffff88f7c69280\n[ 9436.262185][ C4] x23: 00000000000000e0 x22: dead000000000122\n[ 9436.262188][ C4] x21: 000000010022da29 x20: ffffff8af72b4e80\n[ 9436.262191][ C4] x19: ffffffc010023e50 x18: ffffffc010025038\n[ 9436.262195][ C4] x17: 0000000000000240 x16: 0000000000000201\n[ 9436.262199][ C4] x15: ffffffffffffffff x14: ffffff889f3c3100\n[ 9436.262203][ C4] x13: ffffff889f3c3100 x12: 00000000049f56b8\n[ 9436.262207][ C4] x11: 00000000049f56b8 x10: 00000000ffffffff\n[ 9436.262212][ C4] x9 : ffffffc010023e50 x8 : dead000000000122\n[ 9436.262216][ C4] x7 : ffffffffffffffff x6 : ffffffc0100239d8\n[ 9436.262220][ C4] x5 : 0000000000000000 x4 : 0000000000000101\n[ 9436.262223][ C4] x3 : 0000000000000080 x2 : ffffff8\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52635",
"url": "https://www.suse.com/security/cve/CVE-2023-52635"
},
{
"category": "external",
"summary": "SUSE Bug 1222294 for CVE-2023-52635",
"url": "https://bugzilla.suse.com/1222294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52635"
},
{
"cve": "CVE-2023-52639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: vsie: fix race during shadow creation\n\nRight now it is possible to see gmap-\u003eprivate being zero in\nkvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the\nfact that we add gmap-\u003eprivate == kvm after creation:\n\nstatic int acquire_gmap_shadow(struct kvm_vcpu *vcpu,\n struct vsie_page *vsie_page)\n{\n[...]\n gmap = gmap_shadow(vcpu-\u003earch.gmap, asce, edat);\n if (IS_ERR(gmap))\n return PTR_ERR(gmap);\n gmap-\u003eprivate = vcpu-\u003ekvm;\n\nLet children inherit the private field of the parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52639",
"url": "https://www.suse.com/security/cve/CVE-2023-52639"
},
{
"category": "external",
"summary": "SUSE Bug 1222300 for CVE-2023-52639",
"url": "https://bugzilla.suse.com/1222300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52639"
},
{
"cve": "CVE-2023-52644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled\n\nWhen QoS is disabled, the queue priority value will not map to the correct\nieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS\nis disabled to prevent trying to stop/wake a non-existent queue and failing\nto stop/wake the actual queue instantiated.\n\nLog of issue before change (with kernel parameter qos=0):\n [ +5.112651] ------------[ cut here ]------------\n [ +0.000005] WARNING: CPU: 7 PID: 25513 at net/mac80211/util.c:449 __ieee80211_wake_queue+0xd5/0x180 [mac80211]\n [ +0.000067] Modules linked in: b43(O) snd_seq_dummy snd_hrtimer snd_seq snd_seq_device nft_chain_nat xt_MASQUERADE nf_nat xfrm_user xfrm_algo xt_addrtype overlay ccm af_packet amdgpu snd_hda_codec_cirrus snd_hda_codec_generic ledtrig_audio drm_exec amdxcp gpu_sched xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip6t_rpfilter ipt_rpfilter xt_pkttype xt_LOG nf_log_syslog xt_tcpudp nft_compat nf_tables nfnetlink sch_fq_codel btusb uinput iTCO_wdt ctr btrtl intel_pmc_bxt i915 intel_rapl_msr mei_hdcp mei_pxp joydev at24 watchdog btintel atkbd libps2 serio radeon btbcm vivaldi_fmap btmtk intel_rapl_common snd_hda_codec_hdmi bluetooth uvcvideo nls_iso8859_1 applesmc nls_cp437 x86_pkg_temp_thermal snd_hda_intel intel_powerclamp vfat videobuf2_vmalloc coretemp fat snd_intel_dspcfg crc32_pclmul uvc polyval_clmulni snd_intel_sdw_acpi loop videobuf2_memops snd_hda_codec tun drm_suballoc_helper polyval_generic drm_ttm_helper drm_buddy tap ecdh_generic videobuf2_v4l2 gf128mul macvlan ttm ghash_clmulni_intel ecc tg3\n [ +0.000044] videodev bridge snd_hda_core rapl crc16 drm_display_helper cec mousedev snd_hwdep evdev intel_cstate bcm5974 hid_appleir videobuf2_common stp mac_hid libphy snd_pcm drm_kms_helper acpi_als mei_me intel_uncore llc mc snd_timer intel_gtt industrialio_triggered_buffer apple_mfi_fastcharge i2c_i801 mei snd lpc_ich agpgart ptp i2c_smbus thunderbolt apple_gmux i2c_algo_bit kfifo_buf video industrialio soundcore pps_core wmi tiny_power_button sbs sbshc button ac cordic bcma mac80211 cfg80211 ssb rfkill libarc4 kvm_intel kvm drm irqbypass fuse backlight firmware_class efi_pstore configfs efivarfs dmi_sysfs ip_tables x_tables autofs4 dm_crypt cbc encrypted_keys trusted asn1_encoder tee tpm rng_core input_leds hid_apple led_class hid_generic usbhid hid sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif crct10dif_generic ahci libahci libata uhci_hcd ehci_pci ehci_hcd crct10dif_pclmul crct10dif_common sha512_ssse3 sha512_generic sha256_ssse3 sha1_ssse3 aesni_intel usbcore scsi_mod libaes crypto_simd cryptd scsi_common\n [ +0.000055] usb_common rtc_cmos btrfs blake2b_generic libcrc32c crc32c_generic crc32c_intel xor raid6_pq dm_snapshot dm_bufio dm_mod dax [last unloaded: b43(O)]\n [ +0.000009] CPU: 7 PID: 25513 Comm: irq/17-b43 Tainted: G W O 6.6.7 #1-NixOS\n [ +0.000003] Hardware name: Apple Inc. MacBookPro8,3/Mac-942459F5819B171B, BIOS 87.0.0.0.0 06/13/2019\n [ +0.000001] RIP: 0010:__ieee80211_wake_queue+0xd5/0x180 [mac80211]\n [ +0.000046] Code: 00 45 85 e4 0f 85 9b 00 00 00 48 8d bd 40 09 00 00 f0 48 0f ba ad 48 09 00 00 00 72 0f 5b 5d 41 5c 41 5d 41 5e e9 cb 6d 3c d0 \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e c3 cc cc cc cc 48 8d b4 16 94 00 00\n [ +0.000002] RSP: 0018:ffffc90003c77d60 EFLAGS: 00010097\n [ +0.000001] RAX: 0000000000000001 RBX: 0000000000000002 RCX: 0000000000000000\n [ +0.000001] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff88820b924900\n [ +0.000002] RBP: ffff88820b924900 R08: ffffc90003c77d90 R09: 000000000003bfd0\n [ +0.000001] R10: ffff88820b924900 R11: ffffc90003c77c68 R12: 0000000000000000\n [ +0.000001] R13: 0000000000000000 R14: ffffc90003c77d90 R15: ffffffffc0fa6f40\n [ +0.000001] FS: 0000000000000000(0000) GS:ffff88846fb80000(0000) knlGS:0000000000000000\n [ +0.000001] CS: 0010 DS: 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52644",
"url": "https://www.suse.com/security/cve/CVE-2023-52644"
},
{
"category": "external",
"summary": "SUSE Bug 1222961 for CVE-2023-52644",
"url": "https://bugzilla.suse.com/1222961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52644"
},
{
"cve": "CVE-2023-52646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix mremap after fork null-deref\n\nCommit e4a0d3e720e7 (\"aio: Make it possible to remap aio ring\") introduced\na null-deref if mremap is called on an old aio mapping after fork as\nmm-\u003eioctx_table will be set to NULL.\n\n[jmoyer@redhat.com: fix 80 column issue]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52646",
"url": "https://www.suse.com/security/cve/CVE-2023-52646"
},
{
"category": "external",
"summary": "SUSE Bug 1223432 for CVE-2023-52646",
"url": "https://bugzilla.suse.com/1223432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: dsi: Add missing check for of_find_device_by_node\n\nAdd check for the return value of of_find_device_by_node() and return\nthe error if it fails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52650",
"url": "https://www.suse.com/security/cve/CVE-2023-52650"
},
{
"category": "external",
"summary": "SUSE Bug 1223770 for CVE-2023-52650",
"url": "https://bugzilla.suse.com/1223770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52650"
},
{
"cve": "CVE-2023-52652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNTB: fix possible name leak in ntb_register_device()\n\nIf device_register() fails in ntb_register_device(), the device name\nallocated by dev_set_name() should be freed. As per the comment in\ndevice_register(), callers should use put_device() to give up the\nreference in the error path. So fix this by calling put_device() in the\nerror path so that the name can be freed in kobject_cleanup().\n\nAs a result of this, put_device() in the error path of\nntb_register_device() is removed and the actual error is returned.\n\n[mani: reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52652",
"url": "https://www.suse.com/security/cve/CVE-2023-52652"
},
{
"category": "external",
"summary": "SUSE Bug 1223686 for CVE-2023-52652",
"url": "https://bugzilla.suse.com/1223686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52652"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-6270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6270"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6270",
"url": "https://www.suse.com/security/cve/CVE-2023-6270"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1218813 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218813"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-6270"
},
{
"cve": "CVE-2023-6356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6356"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6356",
"url": "https://www.suse.com/security/cve/CVE-2023-6356"
},
{
"category": "external",
"summary": "SUSE Bug 1217987 for CVE-2023-6356",
"url": "https://bugzilla.suse.com/1217987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-6356"
},
{
"cve": "CVE-2023-6535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6535"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6535",
"url": "https://www.suse.com/security/cve/CVE-2023-6535"
},
{
"category": "external",
"summary": "SUSE Bug 1217988 for CVE-2023-6535",
"url": "https://bugzilla.suse.com/1217988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-6535"
},
{
"cve": "CVE-2023-6536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6536"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6536",
"url": "https://www.suse.com/security/cve/CVE-2023-6536"
},
{
"category": "external",
"summary": "SUSE Bug 1217989 for CVE-2023-6536",
"url": "https://bugzilla.suse.com/1217989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-6536"
},
{
"cve": "CVE-2023-7042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7042"
}
],
"notes": [
{
"category": "general",
"text": "A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7042",
"url": "https://www.suse.com/security/cve/CVE-2023-7042"
},
{
"category": "external",
"summary": "SUSE Bug 1218336 for CVE-2023-7042",
"url": "https://bugzilla.suse.com/1218336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-7042"
},
{
"cve": "CVE-2023-7192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7192"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7192",
"url": "https://www.suse.com/security/cve/CVE-2023-7192"
},
{
"category": "external",
"summary": "SUSE Bug 1218479 for CVE-2023-7192",
"url": "https://bugzilla.suse.com/1218479"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-7192",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2023-7192"
},
{
"cve": "CVE-2024-2201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2201"
}
],
"notes": [
{
"category": "general",
"text": "A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2201",
"url": "https://www.suse.com/security/cve/CVE-2024-2201"
},
{
"category": "external",
"summary": "SUSE Bug 1212111 for CVE-2024-2201",
"url": "https://bugzilla.suse.com/1212111"
},
{
"category": "external",
"summary": "SUSE Bug 1217339 for CVE-2024-2201",
"url": "https://bugzilla.suse.com/1217339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-2201"
},
{
"cve": "CVE-2024-22099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-22099"
}
],
"notes": [
{
"category": "general",
"text": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-22099",
"url": "https://www.suse.com/security/cve/CVE-2024-22099"
},
{
"category": "external",
"summary": "SUSE Bug 1219170 for CVE-2024-22099",
"url": "https://bugzilla.suse.com/1219170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-22099"
},
{
"cve": "CVE-2024-23307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23307"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23307",
"url": "https://www.suse.com/security/cve/CVE-2024-23307"
},
{
"category": "external",
"summary": "SUSE Bug 1219169 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "external",
"summary": "SUSE Bug 1220145 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1220145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-23848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23848",
"url": "https://www.suse.com/security/cve/CVE-2024-23848"
},
{
"category": "external",
"summary": "SUSE Bug 1219104 for CVE-2024-23848",
"url": "https://bugzilla.suse.com/1219104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-23848"
},
{
"cve": "CVE-2024-24855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24855"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24855",
"url": "https://www.suse.com/security/cve/CVE-2024-24855"
},
{
"category": "external",
"summary": "SUSE Bug 1219618 for CVE-2024-24855",
"url": "https://bugzilla.suse.com/1219618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-24855"
},
{
"cve": "CVE-2024-24861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24861"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24861",
"url": "https://www.suse.com/security/cve/CVE-2024-24861"
},
{
"category": "external",
"summary": "SUSE Bug 1219623 for CVE-2024-24861",
"url": "https://bugzilla.suse.com/1219623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-24861"
},
{
"cve": "CVE-2024-26614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: make sure init the accept_queue\u0027s spinlocks once\n\nWhen I run syz\u0027s reproduction C program locally, it causes the following\nissue:\npvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!\nWARNING: CPU: 19 PID: 21160 at __pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nRIP: 0010:__pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nCode: 73 56 3a ff 90 c3 cc cc cc cc 8b 05 bb 1f 48 01 85 c0 74 05 c3 cc cc cc cc 8b 17 48 89 fe 48 c7 c7\n30 20 ce 8f e8 ad 56 42 ff \u003c0f\u003e 0b c3 cc cc cc cc 0f 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffa8d200604cb8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff9d1ef60e0908\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9d1ef60e0900\nRBP: ffff9d181cd5c280 R08: 0000000000000000 R09: 00000000ffff7fff\nR10: ffffa8d200604b68 R11: ffffffff907dcdc8 R12: 0000000000000000\nR13: ffff9d181cd5c660 R14: ffff9d1813a3f330 R15: 0000000000001000\nFS: 00007fa110184640(0000) GS:ffff9d1ef60c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000000 CR3: 000000011f65e000 CR4: 00000000000006f0\nCall Trace:\n\u003cIRQ\u003e\n _raw_spin_unlock (kernel/locking/spinlock.c:186)\n inet_csk_reqsk_queue_add (net/ipv4/inet_connection_sock.c:1321)\n inet_csk_complete_hashdance (net/ipv4/inet_connection_sock.c:1358)\n tcp_check_req (net/ipv4/tcp_minisocks.c:868)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2260)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205)\n ip_local_deliver_finish (net/ipv4/ip_input.c:234)\n __netif_receive_skb_one_core (net/core/dev.c:5529)\n process_backlog (./include/linux/rcupdate.h:779)\n __napi_poll (net/core/dev.c:6533)\n net_rx_action (net/core/dev.c:6604)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27)\n do_softirq (kernel/softirq.c:454 kernel/softirq.c:441)\n\u003c/IRQ\u003e\n\u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4374)\n ip_finish_output2 (./include/net/neighbour.h:540 net/ipv4/ip_output.c:235)\n __ip_queue_xmit (net/ipv4/ip_output.c:535)\n __tcp_transmit_skb (net/ipv4/tcp_output.c:1462)\n tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6469)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6657)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929)\n __release_sock (./include/net/sock.h:1121 net/core/sock.c:2968)\n release_sock (net/core/sock.c:3536)\n inet_wait_for_connect (net/ipv4/af_inet.c:609)\n __inet_stream_connect (net/ipv4/af_inet.c:702)\n inet_stream_connect (net/ipv4/af_inet.c:748)\n __sys_connect (./include/linux/file.h:45 net/socket.c:2064)\n __x64_sys_connect (net/socket.c:2073 net/socket.c:2070 net/socket.c:2070)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n RIP: 0033:0x7fa10ff05a3d\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89\n c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ab a3 0e 00 f7 d8 64 89 01 48\n RSP: 002b:00007fa110183de8 EFLAGS: 00000202 ORIG_RAX: 000000000000002a\n RAX: ffffffffffffffda RBX: 0000000020000054 RCX: 00007fa10ff05a3d\n RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\n RBP: 00007fa110183e20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fa110184640\n R13: 0000000000000000 R14: 00007fa10fe8b060 R15: 00007fff73e23b20\n\u003c/TASK\u003e\n\nThe issue triggering process is analyzed as follows:\nThread A Thread B\ntcp_v4_rcv\t//receive ack TCP packet inet_shutdown\n tcp_check_req tcp_disconnect //disconnect sock\n ... tcp_set_state(sk, TCP_CLOSE)\n inet_csk_complete_hashdance ...\n inet_csk_reqsk_queue_add \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26614",
"url": "https://www.suse.com/security/cve/CVE-2024-26614"
},
{
"category": "external",
"summary": "SUSE Bug 1221293 for CVE-2024-26614",
"url": "https://bugzilla.suse.com/1221293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26614"
},
{
"cve": "CVE-2024-26642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26642"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26642",
"url": "https://www.suse.com/security/cve/CVE-2024-26642"
},
{
"category": "external",
"summary": "SUSE Bug 1221830 for CVE-2024-26642",
"url": "https://bugzilla.suse.com/1221830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26642"
},
{
"cve": "CVE-2024-26651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsr9800: Add check for usbnet_get_endpoints\n\nAdd check for usbnet_get_endpoints() and return the error if it fails\nin order to transfer the error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26651",
"url": "https://www.suse.com/security/cve/CVE-2024-26651"
},
{
"category": "external",
"summary": "SUSE Bug 1221337 for CVE-2024-26651",
"url": "https://bugzilla.suse.com/1221337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26651"
},
{
"cve": "CVE-2024-26671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26671",
"url": "https://www.suse.com/security/cve/CVE-2024-26671"
},
{
"category": "external",
"summary": "SUSE Bug 1222357 for CVE-2024-26671",
"url": "https://bugzilla.suse.com/1222357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26671"
},
{
"cve": "CVE-2024-26675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp_async: limit MRU to 64K\n\nsyzbot triggered a warning [1] in __alloc_pages():\n\nWARN_ON_ONCE_GFP(order \u003e MAX_PAGE_ORDER, gfp)\n\nWillem fixed a similar issue in commit c0a2a1b0d631 (\"ppp: limit MRU to 64K\")\n\nAdopt the same sanity check for ppp_async_ioctl(PPPIOCSMRU)\n\n[1]:\n\n WARNING: CPU: 1 PID: 11 at mm/page_alloc.c:4543 __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\nModules linked in:\nCPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted 6.8.0-rc2-syzkaller-g41bccc98fb79 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: events_unbound flush_to_ldisc\npstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n lr : __alloc_pages+0xc8/0x698 mm/page_alloc.c:4537\nsp : ffff800093967580\nx29: ffff800093967660 x28: ffff8000939675a0 x27: dfff800000000000\nx26: ffff70001272ceb4 x25: 0000000000000000 x24: ffff8000939675c0\nx23: 0000000000000000 x22: 0000000000060820 x21: 1ffff0001272ceb8\nx20: ffff8000939675e0 x19: 0000000000000010 x18: ffff800093967120\nx17: ffff800083bded5c x16: ffff80008ac97500 x15: 0000000000000005\nx14: 1ffff0001272cebc x13: 0000000000000000 x12: 0000000000000000\nx11: ffff70001272cec1 x10: 1ffff0001272cec0 x9 : 0000000000000001\nx8 : ffff800091c91000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 00000000ffffffff x4 : 0000000000000000 x3 : 0000000000000020\nx2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff8000939675e0\nCall trace:\n __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n __kmalloc_large_node+0xbc/0x1fc mm/slub.c:3926\n __do_kmalloc_node mm/slub.c:3969 [inline]\n __kmalloc_node_track_caller+0x418/0x620 mm/slub.c:4001\n kmalloc_reserve+0x17c/0x23c net/core/skbuff.c:590\n __alloc_skb+0x1c8/0x3d8 net/core/skbuff.c:651\n __netdev_alloc_skb+0xb8/0x3e8 net/core/skbuff.c:715\n netdev_alloc_skb include/linux/skbuff.h:3235 [inline]\n dev_alloc_skb include/linux/skbuff.h:3248 [inline]\n ppp_async_input drivers/net/ppp/ppp_async.c:863 [inline]\n ppp_asynctty_receive+0x588/0x186c drivers/net/ppp/ppp_async.c:341\n tty_ldisc_receive_buf+0x12c/0x15c drivers/tty/tty_buffer.c:390\n tty_port_default_receive_buf+0x74/0xac drivers/tty/tty_port.c:37\n receive_buf drivers/tty/tty_buffer.c:444 [inline]\n flush_to_ldisc+0x284/0x6e4 drivers/tty/tty_buffer.c:494\n process_one_work+0x694/0x1204 kernel/workqueue.c:2633\n process_scheduled_works kernel/workqueue.c:2706 [inline]\n worker_thread+0x938/0xef4 kernel/workqueue.c:2787\n kthread+0x288/0x310 kernel/kthread.c:388\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26675",
"url": "https://www.suse.com/security/cve/CVE-2024-26675"
},
{
"category": "external",
"summary": "SUSE Bug 1222379 for CVE-2024-26675",
"url": "https://bugzilla.suse.com/1222379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26675"
},
{
"cve": "CVE-2024-26689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: prevent use-after-free in encode_cap_msg()\n\nIn fs/ceph/caps.c, in encode_cap_msg(), \"use after free\" error was\ncaught by KASAN at this line - \u0027ceph_buffer_get(arg-\u003exattr_buf);\u0027. This\nimplies before the refcount could be increment here, it was freed.\n\nIn same file, in \"handle_cap_grant()\" refcount is decremented by this\nline - \u0027ceph_buffer_put(ci-\u003ei_xattrs.blob);\u0027. It appears that a race\noccurred and resource was freed by the latter line before the former\nline could increment it.\n\nencode_cap_msg() is called by __send_cap() and __send_cap() is called by\nceph_check_caps() after calling __prep_cap(). __prep_cap() is where\narg-\u003exattr_buf is assigned to ci-\u003ei_xattrs.blob. This is the spot where\nthe refcount must be increased to prevent \"use after free\" error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26689",
"url": "https://www.suse.com/security/cve/CVE-2024-26689"
},
{
"category": "external",
"summary": "SUSE Bug 1222503 for CVE-2024-26689",
"url": "https://bugzilla.suse.com/1222503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26689"
},
{
"cve": "CVE-2024-26704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double-free of blocks due to wrong extents moved_len\n\nIn ext4_move_extents(), moved_len is only updated when all moves are\nsuccessfully executed, and only discards orig_inode and donor_inode\npreallocations when moved_len is not zero. When the loop fails to exit\nafter successfully moving some extents, moved_len is not updated and\nremains at 0, so it does not discard the preallocations.\n\nIf the moved extents overlap with the preallocated extents, the\noverlapped extents are freed twice in ext4_mb_release_inode_pa() and\next4_process_freed_data() (as described in commit 94d7c16cbbbd (\"ext4:\nFix double-free of blocks with EXT4_IOC_MOVE_EXT\")), and bb_free is\nincremented twice. Hence when trim is executed, a zero-division bug is\ntriggered in mb_update_avg_fragment_size() because bb_free is not zero\nand bb_fragments is zero.\n\nTherefore, update move_len after each extent move to avoid the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26704",
"url": "https://www.suse.com/security/cve/CVE-2024-26704"
},
{
"category": "external",
"summary": "SUSE Bug 1222422 for CVE-2024-26704",
"url": "https://bugzilla.suse.com/1222422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26704"
},
{
"cve": "CVE-2024-26733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: Prevent overflow in arp_req_get().\n\nsyzkaller reported an overflown write in arp_req_get(). [0]\n\nWhen ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour\nentry and copies neigh-\u003eha to struct arpreq.arp_ha.sa_data.\n\nThe arp_ha here is struct sockaddr, not struct sockaddr_storage, so\nthe sa_data buffer is just 14 bytes.\n\nIn the splat below, 2 bytes are overflown to the next int field,\narp_flags. We initialise the field just after the memcpy(), so it\u0027s\nnot a problem.\n\nHowever, when dev-\u003eaddr_len is greater than 22 (e.g. MAX_ADDR_LEN),\narp_netmask is overwritten, which could be set as htonl(0xFFFFFFFFUL)\nin arp_ioctl() before calling arp_req_get().\n\nTo avoid the overflow, let\u0027s limit the max length of memcpy().\n\nNote that commit b5f0de6df6dc (\"net: dev: Convert sa_data to flexible\narray in struct sockaddr\") just silenced syzkaller.\n\n[0]:\nmemcpy: detected field-spanning write (size 16) of single field \"r-\u003earp_ha.sa_data\" at net/ipv4/arp.c:1128 (size 14)\nWARNING: CPU: 0 PID: 144638 at net/ipv4/arp.c:1128 arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nModules linked in:\nCPU: 0 PID: 144638 Comm: syz-executor.4 Not tainted 6.1.74 #31\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014\nRIP: 0010:arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nCode: fd ff ff e8 41 42 de fb b9 0e 00 00 00 4c 89 fe 48 c7 c2 20 6d ab 87 48 c7 c7 80 6d ab 87 c6 05 25 af 72 04 01 e8 5f 8d ad fb \u003c0f\u003e 0b e9 6c fd ff ff e8 13 42 de fb be 03 00 00 00 4c 89 e7 e8 a6\nRSP: 0018:ffffc900050b7998 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88803a815000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff8641a44a RDI: 0000000000000001\nRBP: ffffc900050b7a98 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 203a7970636d656d R12: ffff888039c54000\nR13: 1ffff92000a16f37 R14: ffff88803a815084 R15: 0000000000000010\nFS: 00007f172bf306c0(0000) GS:ffff88805aa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f172b3569f0 CR3: 0000000057f12005 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n arp_ioctl+0x33f/0x4b0 net/ipv4/arp.c:1261\n inet_ioctl+0x314/0x3a0 net/ipv4/af_inet.c:981\n sock_do_ioctl+0xdf/0x260 net/socket.c:1204\n sock_ioctl+0x3ef/0x650 net/socket.c:1321\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18e/0x220 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x64/0xce\nRIP: 0033:0x7f172b262b8d\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f172bf300b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f172b3abf80 RCX: 00007f172b262b8d\nRDX: 0000000020000000 RSI: 0000000000008954 RDI: 0000000000000003\nRBP: 00007f172b2d3493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007f172b3abf80 R15: 00007f172bf10000\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26733",
"url": "https://www.suse.com/security/cve/CVE-2024-26733"
},
{
"category": "external",
"summary": "SUSE Bug 1222585 for CVE-2024-26733",
"url": "https://bugzilla.suse.com/1222585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26733"
},
{
"cve": "CVE-2024-26739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don\u0027t override retval if we already lost the skb\n\nIf we\u0027re redirecting the skb, and haven\u0027t called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26739",
"url": "https://www.suse.com/security/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "SUSE Bug 1222559 for CVE-2024-26739",
"url": "https://bugzilla.suse.com/1222559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/qedr: Fix qedr_create_user_qp error flow\n\nAvoid the following warning by making sure to free the allocated\nresources in case that qedr_init_user_queue() fail.\n\n-----------[ cut here ]-----------\nWARNING: CPU: 0 PID: 143192 at drivers/infiniband/core/rdma_core.c:874 uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nModules linked in: tls target_core_user uio target_core_pscsi target_core_file target_core_iblock ib_srpt ib_srp scsi_transport_srp nfsd nfs_acl rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs 8021q garp mrp stp llc ext4 mbcache jbd2 opa_vnic ib_umad ib_ipoib sunrpc rdma_ucm ib_isert iscsi_target_mod target_core_mod ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm hfi1 intel_rapl_msr intel_rapl_common mgag200 qedr sb_edac drm_shmem_helper rdmavt x86_pkg_temp_thermal drm_kms_helper intel_powerclamp ib_uverbs coretemp i2c_algo_bit kvm_intel dell_wmi_descriptor ipmi_ssif sparse_keymap kvm ib_core rfkill syscopyarea sysfillrect video sysimgblt irqbypass ipmi_si ipmi_devintf fb_sys_fops rapl iTCO_wdt mxm_wmi iTCO_vendor_support intel_cstate pcspkr dcdbas intel_uncore ipmi_msghandler lpc_ich acpi_power_meter mei_me mei fuse drm xfs libcrc32c qede sd_mod ahci libahci t10_pi sg crct10dif_pclmul crc32_pclmul crc32c_intel qed libata tg3\nghash_clmulni_intel megaraid_sas crc8 wmi [last unloaded: ib_srpt]\nCPU: 0 PID: 143192 Comm: fi_rdm_tagged_p Kdump: loaded Not tainted 5.14.0-408.el9.x86_64 #1\nHardware name: Dell Inc. PowerEdge R430/03XKDV, BIOS 2.14.0 01/25/2022\nRIP: 0010:uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nCode: 5d 41 5c 41 5d 41 5e e9 0f 26 1b dd 48 89 df e8 67 6a ff ff 49 8b 86 10 01 00 00 48 85 c0 74 9c 4c 89 e7 e8 83 c0 cb dd eb 92 \u003c0f\u003e 0b eb be 0f 0b be 04 00 00 00 48 89 df e8 8e f5 ff ff e9 6d ff\nRSP: 0018:ffffb7c6cadfbc60 EFLAGS: 00010286\nRAX: ffff8f0889ee3f60 RBX: ffff8f088c1a5200 RCX: 00000000802a0016\nRDX: 00000000802a0017 RSI: 0000000000000001 RDI: ffff8f0880042600\nRBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\nR10: ffff8f11fffd5000 R11: 0000000000039000 R12: ffff8f0d5b36cd80\nR13: ffff8f088c1a5250 R14: ffff8f1206d91000 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff8f11d7c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000147069200e20 CR3: 00000001c7210002 CR4: 00000000001706f0\nCall Trace:\n\u003cTASK\u003e\n? show_trace_log_lvl+0x1c4/0x2df\n? show_trace_log_lvl+0x1c4/0x2df\n? ib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? __warn+0x81/0x110\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? report_bug+0x10a/0x140\n? handle_bug+0x3c/0x70\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n__fput+0x94/0x250\ntask_work_run+0x5c/0x90\ndo_exit+0x270/0x4a0\ndo_group_exit+0x2d/0x90\nget_signal+0x87c/0x8c0\narch_do_signal_or_restart+0x25/0x100\n? ib_uverbs_ioctl+0xc2/0x110 [ib_uverbs]\nexit_to_user_mode_loop+0x9c/0x130\nexit_to_user_mode_prepare+0xb6/0x100\nsyscall_exit_to_user_mode+0x12/0x40\ndo_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\n? common_interrupt+0x43/0xa0\nentry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x1470abe3ec6b\nCode: Unable to access opcode bytes at RIP 0x1470abe3ec41.\nRSP: 002b:00007fff13ce9108 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: fffffffffffffffc RBX: 00007fff13ce9218 RCX: 00001470abe3ec6b\nRDX: 00007fff13ce9200 RSI: 00000000c0181b01 RDI: 0000000000000004\nRBP: 00007fff13ce91e0 R08: 0000558d9655da10 R09: 0000558d9655dd00\nR10: 00007fff13ce95c0 R11: 0000000000000246 R12: 00007fff13ce9358\nR13: 0000000000000013 R14: 0000558d9655db50 R15: 00007fff13ce9470\n\u003c/TASK\u003e\n--[ end trace 888a9b92e04c5c97 ]--",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26743",
"url": "https://www.suse.com/security/cve/CVE-2024-26743"
},
{
"category": "external",
"summary": "SUSE Bug 1222677 for CVE-2024-26743",
"url": "https://bugzilla.suse.com/1222677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26743"
},
{
"cve": "CVE-2024-26744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srpt: Support specifying the srpt_service_guid parameter\n\nMake loading ib_srpt with this parameter set work. The current behavior is\nthat setting that parameter while loading the ib_srpt kernel module\ntriggers the following kernel crash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCall Trace:\n \u003cTASK\u003e\n parse_one+0x18c/0x1d0\n parse_args+0xe1/0x230\n load_module+0x8de/0xa60\n init_module_from_file+0x8b/0xd0\n idempotent_init_module+0x181/0x240\n __x64_sys_finit_module+0x5a/0xb0\n do_syscall_64+0x5f/0xe0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26744",
"url": "https://www.suse.com/security/cve/CVE-2024-26744"
},
{
"category": "external",
"summary": "SUSE Bug 1222449 for CVE-2024-26744",
"url": "https://bugzilla.suse.com/1222449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26744"
},
{
"cve": "CVE-2024-26747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: roles: fix NULL pointer issue when put module\u0027s reference\n\nIn current design, usb role class driver will get usb_role_switch parent\u0027s\nmodule reference after the user get usb_role_switch device and put the\nreference after the user put the usb_role_switch device. However, the\nparent device of usb_role_switch may be removed before the user put the\nusb_role_switch. If so, then, NULL pointer issue will be met when the user\nput the parent module\u0027s reference.\n\nThis will save the module pointer in structure of usb_role_switch. Then,\nwe don\u0027t need to find module by iterating long relations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26747",
"url": "https://www.suse.com/security/cve/CVE-2024-26747"
},
{
"category": "external",
"summary": "SUSE Bug 1222609 for CVE-2024-26747",
"url": "https://bugzilla.suse.com/1222609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26747"
},
{
"cve": "CVE-2024-26754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()\n\nThe gtp_net_ops pernet operations structure for the subsystem must be\nregistered before registering the generic netlink family.\n\nSyzkaller hit \u0027general protection fault in gtp_genl_dump_pdp\u0027 bug:\n\ngeneral protection fault, probably for non-canonical address\n0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\nCPU: 1 PID: 5826 Comm: gtp Not tainted 6.8.0-rc3-std-def-alt1 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\nRIP: 0010:gtp_genl_dump_pdp+0x1be/0x800 [gtp]\nCode: c6 89 c6 e8 64 e9 86 df 58 45 85 f6 0f 85 4e 04 00 00 e8 c5 ee 86\n df 48 8b 54 24 18 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e\n 3c 02 00 0f 85 de 05 00 00 48 8b 44 24 18 4c 8b 30 4c 39 f0 74\nRSP: 0018:ffff888014107220 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff88800fcda588 R14: 0000000000000001 R15: 0000000000000000\nFS: 00007f1be4eb05c0(0000) GS:ffff88806ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1be4e766cf CR3: 000000000c33e000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? show_regs+0x90/0xa0\n ? die_addr+0x50/0xd0\n ? exc_general_protection+0x148/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? gtp_genl_dump_pdp+0x1be/0x800 [gtp]\n ? __alloc_skb+0x1dd/0x350\n ? __pfx___alloc_skb+0x10/0x10\n genl_dumpit+0x11d/0x230\n netlink_dump+0x5b9/0xce0\n ? lockdep_hardirqs_on_prepare+0x253/0x430\n ? __pfx_netlink_dump+0x10/0x10\n ? kasan_save_track+0x10/0x40\n ? __kasan_kmalloc+0x9b/0xa0\n ? genl_start+0x675/0x970\n __netlink_dump_start+0x6fc/0x9f0\n genl_family_rcv_msg_dumpit+0x1bb/0x2d0\n ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10\n ? genl_op_from_small+0x2a/0x440\n ? cap_capable+0x1d0/0x240\n ? __pfx_genl_start+0x10/0x10\n ? __pfx_genl_dumpit+0x10/0x10\n ? __pfx_genl_done+0x10/0x10\n ? security_capable+0x9d/0xe0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26754",
"url": "https://www.suse.com/security/cve/CVE-2024-26754"
},
{
"category": "external",
"summary": "SUSE Bug 1222632 for CVE-2024-26754",
"url": "https://bugzilla.suse.com/1222632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26754"
},
{
"cve": "CVE-2024-26763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-crypt: don\u0027t modify the data when using authenticated encryption\n\nIt was said that authenticated encryption could produce invalid tag when\nthe data that is being encrypted is modified [1]. So, fix this problem by\ncopying the data into the clone bio first and then encrypt them inside the\nclone bio.\n\nThis may reduce performance, but it is needed to prevent the user from\ncorrupting the device by writing data with O_DIRECT and modifying them at\nthe same time.\n\n[1] https://lore.kernel.org/all/20240207004723.GA35324@sol.localdomain/T/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26763",
"url": "https://www.suse.com/security/cve/CVE-2024-26763"
},
{
"category": "external",
"summary": "SUSE Bug 1222720 for CVE-2024-26763",
"url": "https://bugzilla.suse.com/1222720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26763"
},
{
"cve": "CVE-2024-26771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: edma: Add some null pointer checks to the edma_probe\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26771",
"url": "https://www.suse.com/security/cve/CVE-2024-26771"
},
{
"category": "external",
"summary": "SUSE Bug 1222610 for CVE-2024-26771",
"url": "https://bugzilla.suse.com/1222610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26771"
},
{
"cve": "CVE-2024-26772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26772",
"url": "https://www.suse.com/security/cve/CVE-2024-26772"
},
{
"category": "external",
"summary": "SUSE Bug 1222613 for CVE-2024-26772",
"url": "https://bugzilla.suse.com/1222613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26772"
},
{
"cve": "CVE-2024-26773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()\n\nDetermine if the group block bitmap is corrupted before using ac_b_ex in\next4_mb_try_best_found() to avoid allocating blocks from a group with a\ncorrupted block bitmap in the following concurrency and making the\nsituation worse.\n\next4_mb_regular_allocator\n ext4_lock_group(sb, group)\n ext4_mb_good_group\n // check if the group bbitmap is corrupted\n ext4_mb_complex_scan_group\n // Scan group gets ac_b_ex but doesn\u0027t use it\n ext4_unlock_group(sb, group)\n ext4_mark_group_bitmap_corrupted(group)\n // The block bitmap was corrupted during\n // the group unlock gap.\n ext4_mb_try_best_found\n ext4_lock_group(ac-\u003eac_sb, group)\n ext4_mb_use_best_found\n mb_mark_used\n // Allocating blocks in block bitmap corrupted group",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26773",
"url": "https://www.suse.com/security/cve/CVE-2024-26773"
},
{
"category": "external",
"summary": "SUSE Bug 1222618 for CVE-2024-26773",
"url": "https://bugzilla.suse.com/1222618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26773"
},
{
"cve": "CVE-2024-26777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: sis: Error out if pixclock equals zero\n\nThe userspace program could pass any values to the driver through\nioctl() interface. If the driver doesn\u0027t check the value of pixclock,\nit may cause divide-by-zero error.\n\nIn sisfb_check_var(), var-\u003epixclock is used as a divisor to caculate\ndrate before it is checked against zero. Fix this by checking it\nat the beginning.\n\nThis is similar to CVE-2022-3061 in i740fb which was fixed by\ncommit 15cf0b8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26777",
"url": "https://www.suse.com/security/cve/CVE-2024-26777"
},
{
"category": "external",
"summary": "SUSE Bug 1222765 for CVE-2024-26777",
"url": "https://bugzilla.suse.com/1222765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26777"
},
{
"cve": "CVE-2024-26778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26778"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: savage: Error out if pixclock equals zero\n\nThe userspace program could pass any values to the driver through\nioctl() interface. If the driver doesn\u0027t check the value of pixclock,\nit may cause divide-by-zero error.\n\nAlthough pixclock is checked in savagefb_decode_var(), but it is not\nchecked properly in savagefb_probe(). Fix this by checking whether\npixclock is zero in the function savagefb_check_var() before\ninfo-\u003evar.pixclock is used as the divisor.\n\nThis is similar to CVE-2022-3061 in i740fb which was fixed by\ncommit 15cf0b8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26778",
"url": "https://www.suse.com/security/cve/CVE-2024-26778"
},
{
"category": "external",
"summary": "SUSE Bug 1222770 for CVE-2024-26778",
"url": "https://bugzilla.suse.com/1222770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26778"
},
{
"cve": "CVE-2024-26779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix race condition on enabling fast-xmit\n\nfast-xmit must only be enabled after the sta has been uploaded to the driver,\notherwise it could end up passing the not-yet-uploaded sta via drv_tx calls\nto the driver, leading to potential crashes because of uninitialized drv_priv\ndata.\nAdd a missing sta-\u003euploaded check and re-check fast xmit after inserting a sta.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26779",
"url": "https://www.suse.com/security/cve/CVE-2024-26779"
},
{
"category": "external",
"summary": "SUSE Bug 1222772 for CVE-2024-26779",
"url": "https://bugzilla.suse.com/1222772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26779"
},
{
"cve": "CVE-2024-26793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()\n\nThe gtp_link_ops operations structure for the subsystem must be\nregistered after registering the gtp_net_ops pernet operations structure.\n\nSyzkaller hit \u0027general protection fault in gtp_genl_dump_pdp\u0027 bug:\n\n[ 1010.702740] gtp: GTP module unloaded\n[ 1010.715877] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI\n[ 1010.715888] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n[ 1010.715895] CPU: 1 PID: 128616 Comm: a.out Not tainted 6.8.0-rc6-std-def-alt1 #1\n[ 1010.715899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\n[ 1010.715908] RIP: 0010:gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.715915] Code: 80 3c 02 00 0f 85 41 04 00 00 48 8b bb d8 05 00 00 e8 ed f6 ff ff 48 89 c2 48 89 c5 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4f 04 00 00 4c 89 e2 4c 8b 6d 00 48 b8 00 00 00\n[ 1010.715920] RSP: 0018:ffff888020fbf180 EFLAGS: 00010203\n[ 1010.715929] RAX: dffffc0000000000 RBX: ffff88800399c000 RCX: 0000000000000000\n[ 1010.715933] RDX: 0000000000000001 RSI: ffffffff84805280 RDI: 0000000000000282\n[ 1010.715938] RBP: 000000000000000d R08: 0000000000000001 R09: 0000000000000000\n[ 1010.715942] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800399cc80\n[ 1010.715947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000400\n[ 1010.715953] FS: 00007fd1509ab5c0(0000) GS:ffff88805b300000(0000) knlGS:0000000000000000\n[ 1010.715958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1010.715962] CR2: 0000000000000000 CR3: 000000001c07a000 CR4: 0000000000750ee0\n[ 1010.715968] PKRU: 55555554\n[ 1010.715972] Call Trace:\n[ 1010.715985] ? __die_body.cold+0x1a/0x1f\n[ 1010.715995] ? die_addr+0x43/0x70\n[ 1010.716002] ? exc_general_protection+0x199/0x2f0\n[ 1010.716016] ? asm_exc_general_protection+0x1e/0x30\n[ 1010.716026] ? gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.716034] ? gtp_net_exit+0x150/0x150 [gtp]\n[ 1010.716042] __rtnl_newlink+0x1063/0x1700\n[ 1010.716051] ? rtnl_setlink+0x3c0/0x3c0\n[ 1010.716063] ? is_bpf_text_address+0xc0/0x1f0\n[ 1010.716070] ? kernel_text_address.part.0+0xbb/0xd0\n[ 1010.716076] ? __kernel_text_address+0x56/0xa0\n[ 1010.716084] ? unwind_get_return_address+0x5a/0xa0\n[ 1010.716091] ? create_prof_cpu_mask+0x30/0x30\n[ 1010.716098] ? arch_stack_walk+0x9e/0xf0\n[ 1010.716106] ? stack_trace_save+0x91/0xd0\n[ 1010.716113] ? stack_trace_consume_entry+0x170/0x170\n[ 1010.716121] ? __lock_acquire+0x15c5/0x5380\n[ 1010.716139] ? mark_held_locks+0x9e/0xe0\n[ 1010.716148] ? kmem_cache_alloc_trace+0x35f/0x3c0\n[ 1010.716155] ? __rtnl_newlink+0x1700/0x1700\n[ 1010.716160] rtnl_newlink+0x69/0xa0\n[ 1010.716166] rtnetlink_rcv_msg+0x43b/0xc50\n[ 1010.716172] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716179] ? lock_acquire+0x1fe/0x560\n[ 1010.716188] ? netlink_deliver_tap+0x12f/0xd50\n[ 1010.716196] netlink_rcv_skb+0x14d/0x440\n[ 1010.716202] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716208] ? netlink_ack+0xab0/0xab0\n[ 1010.716213] ? netlink_deliver_tap+0x202/0xd50\n[ 1010.716220] ? netlink_deliver_tap+0x218/0xd50\n[ 1010.716226] ? __virt_addr_valid+0x30b/0x590\n[ 1010.716233] netlink_unicast+0x54b/0x800\n[ 1010.716240] ? netlink_attachskb+0x870/0x870\n[ 1010.716248] ? __check_object_size+0x2de/0x3b0\n[ 1010.716254] netlink_sendmsg+0x938/0xe40\n[ 1010.716261] ? netlink_unicast+0x800/0x800\n[ 1010.716269] ? __import_iovec+0x292/0x510\n[ 1010.716276] ? netlink_unicast+0x800/0x800\n[ 1010.716284] __sock_sendmsg+0x159/0x190\n[ 1010.716290] ____sys_sendmsg+0x712/0x880\n[ 1010.716297] ? sock_write_iter+0x3d0/0x3d0\n[ 1010.716304] ? __ia32_sys_recvmmsg+0x270/0x270\n[ 1010.716309] ? lock_acquire+0x1fe/0x560\n[ 1010.716315] ? drain_array_locked+0x90/0x90\n[ 1010.716324] ___sys_sendmsg+0xf8/0x170\n[ 1010.716331] ? sendmsg_copy_msghdr+0x170/0x170\n[ 1010.716337] ? lockdep_init_map\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26793",
"url": "https://www.suse.com/security/cve/CVE-2024-26793"
},
{
"category": "external",
"summary": "SUSE Bug 1222428 for CVE-2024-26793",
"url": "https://bugzilla.suse.com/1222428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26793"
},
{
"cve": "CVE-2024-26805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Fix kernel-infoleak-after-free in __skb_datagram_iter\n\nsyzbot reported the following uninit-value access issue [1]:\n\nnetlink_to_full_skb() creates a new `skb` and puts the `skb-\u003edata`\npassed as a 1st arg of netlink_to_full_skb() onto new `skb`. The data\nsize is specified as `len` and passed to skb_put_data(). This `len`\nis based on `skb-\u003eend` that is not data offset but buffer offset. The\n`skb-\u003eend` contains data and tailroom. Since the tailroom is not\ninitialized when the new `skb` created, KMSAN detects uninitialized\nmemory area when copying the data.\n\nThis patch resolved this issue by correct the len from `skb-\u003eend` to\n`skb-\u003elen`, which is the actual data offset.\n\nBUG: KMSAN: kernel-infoleak-after-free in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in copy_to_user_iter lib/iov_iter.c:24 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_ubuf include/linux/iov_iter.h:29 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance include/linux/iov_iter.h:271 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n copy_to_iter include/linux/uio.h:197 [inline]\n simple_copy_to_iter+0x68/0xa0 net/core/datagram.c:532\n __skb_datagram_iter+0x123/0xdc0 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:3960 [inline]\n packet_recvmsg+0xd9c/0x2000 net/packet/af_packet.c:3482\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg net/socket.c:1066 [inline]\n sock_read_iter+0x467/0x580 net/socket.c:1136\n call_read_iter include/linux/fs.h:2014 [inline]\n new_sync_read fs/read_write.c:389 [inline]\n vfs_read+0x8f6/0xe00 fs/read_write.c:470\n ksys_read+0x20f/0x4c0 fs/read_write.c:613\n __do_sys_read fs/read_write.c:623 [inline]\n __se_sys_read fs/read_write.c:621 [inline]\n __x64_sys_read+0x93/0xd0 fs/read_write.c:621\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was stored to memory at:\n skb_put_data include/linux/skbuff.h:2622 [inline]\n netlink_to_full_skb net/netlink/af_netlink.c:181 [inline]\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:298 [inline]\n __netlink_deliver_tap+0x5be/0xc90 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338 [inline]\n netlink_deliver_tap_kernel net/netlink/af_netlink.c:347 [inline]\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x10f1/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1087 [inline]\n free_unref_page_prepare+0xb0/0xa40 mm/page_alloc.c:2347\n free_unref_page_list+0xeb/0x1100 mm/page_alloc.c:2533\n release_pages+0x23d3/0x2410 mm/swap.c:1042\n free_pages_and_swap_cache+0xd9/0xf0 mm/swap_state.c:316\n tlb_batch_pages\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26805",
"url": "https://www.suse.com/security/cve/CVE-2024-26805"
},
{
"category": "external",
"summary": "SUSE Bug 1222630 for CVE-2024-26805",
"url": "https://bugzilla.suse.com/1222630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26805"
},
{
"cve": "CVE-2024-26816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26816",
"url": "https://www.suse.com/security/cve/CVE-2024-26816"
},
{
"category": "external",
"summary": "SUSE Bug 1222624 for CVE-2024-26816",
"url": "https://bugzilla.suse.com/1222624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26816"
},
{
"cve": "CVE-2024-26817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: use calloc instead of kzalloc to avoid integer overflow\n\nThis uses calloc instead of doing the multiplication which might\noverflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26817",
"url": "https://www.suse.com/security/cve/CVE-2024-26817"
},
{
"category": "external",
"summary": "SUSE Bug 1222812 for CVE-2024-26817",
"url": "https://bugzilla.suse.com/1222812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26817"
},
{
"cve": "CVE-2024-26839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix a memleak in init_credit_return\n\nWhen dma_alloc_coherent fails to allocate dd-\u003ecr_base[i].va,\ninit_credit_return should deallocate dd-\u003ecr_base and\ndd-\u003ecr_base[i] that allocated before. Or those resources\nwould be never freed and a memleak is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26839",
"url": "https://www.suse.com/security/cve/CVE-2024-26839"
},
{
"category": "external",
"summary": "SUSE Bug 1222975 for CVE-2024-26839",
"url": "https://bugzilla.suse.com/1222975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "low"
}
],
"title": "CVE-2024-26839"
},
{
"cve": "CVE-2024-26840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [\u003cffffffff8eb8a1a5\u003e] kmem_cache_alloc+0x2d5/0x370\n [\u003cffffffff8e917f86\u003e] prepare_creds+0x26/0x2e0\n [\u003cffffffffc002eeef\u003e] cachefiles_determine_cache_security+0x1f/0x120\n [\u003cffffffffc00243ec\u003e] cachefiles_add_cache+0x13c/0x3a0\n [\u003cffffffffc0025216\u003e] cachefiles_daemon_write+0x146/0x1c0\n [\u003cffffffff8ebc4a3b\u003e] vfs_write+0xcb/0x520\n [\u003cffffffff8ebc5069\u003e] ksys_write+0x69/0xf0\n [\u003cffffffff8f6d4662\u003e] do_syscall_64+0x72/0x140\n [\u003cffffffff8f8000aa\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26840",
"url": "https://www.suse.com/security/cve/CVE-2024-26840"
},
{
"category": "external",
"summary": "SUSE Bug 1222976 for CVE-2024-26840",
"url": "https://bugzilla.suse.com/1222976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "low"
}
],
"title": "CVE-2024-26840"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()\n\nThe function ice_bridge_setlink() may encounter a NULL pointer dereference\nif nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently\nin nla_for_each_nested(). To address this issue, add a check to ensure that\nbr_spec is not NULL before proceeding with the nested attribute iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26855",
"url": "https://www.suse.com/security/cve/CVE-2024-26855"
},
{
"category": "external",
"summary": "SUSE Bug 1223051 for CVE-2024-26855",
"url": "https://bugzilla.suse.com/1223051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26855"
},
{
"cve": "CVE-2024-26857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: make sure to pull inner header in geneve_rx()\n\nsyzbot triggered a bug in geneve_rx() [1]\n\nIssue is similar to the one I fixed in commit 8d975c15c0cd\n(\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\n[1]\nBUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in geneve_rx drivers/net/geneve.c:279 [inline]\n BUG: KMSAN: uninit-value in geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n geneve_rx drivers/net/geneve.c:279 [inline]\n geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n udp_queue_rcv_one_skb+0x1d39/0x1f20 net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x6ae/0x6e0 net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x184/0x4b0 net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x1c6b/0x3010 net/ipv4/udp.c:2422\n udp_rcv+0x7d/0xa0 net/ipv4/udp.c:2604\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n process_backlog+0x480/0x8b0 net/core/dev.c:5976\n __napi_poll+0xe3/0x980 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x8b8/0x1870 net/core/dev.c:6778\n __do_softirq+0x1b7/0x7c5 kernel/softirq.c:553\n do_softirq+0x9a/0xf0 kernel/softirq.c:454\n __local_bh_enable_ip+0x9b/0xa0 kernel/softirq.c:381\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:820 [inline]\n __dev_queue_xmit+0x2768/0x51c0 net/core/dev.c:4378\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x5cb/0xbc0 mm/slub.c:3903\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x352/0x790 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1296 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6394\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2783\n packet_alloc_skb net/packet/af_packet.c:2930 [inline]\n packet_snd net/packet/af_packet.c:3024 [inline]\n packet_sendmsg+0x70c2/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26857",
"url": "https://www.suse.com/security/cve/CVE-2024-26857"
},
{
"category": "external",
"summary": "SUSE Bug 1223058 for CVE-2024-26857",
"url": "https://bugzilla.suse.com/1223058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26857"
},
{
"cve": "CVE-2024-26859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/bnx2x: Prevent access to a freed page in page_pool\n\nFix race condition leading to system crash during EEH error handling\n\nDuring EEH error recovery, the bnx2x driver\u0027s transmit timeout logic\ncould cause a race condition when handling reset tasks. The\nbnx2x_tx_timeout() schedules reset tasks via bnx2x_sp_rtnl_task(),\nwhich ultimately leads to bnx2x_nic_unload(). In bnx2x_nic_unload()\nSGEs are freed using bnx2x_free_rx_sge_range(). However, this could\noverlap with the EEH driver\u0027s attempt to reset the device using\nbnx2x_io_slot_reset(), which also tries to free SGEs. This race\ncondition can result in system crashes due to accessing freed memory\nlocations in bnx2x_free_rx_sge()\n\n799 static inline void bnx2x_free_rx_sge(struct bnx2x *bp,\n800\t\t\t\tstruct bnx2x_fastpath *fp, u16 index)\n801 {\n802\tstruct sw_rx_page *sw_buf = \u0026fp-\u003erx_page_ring[index];\n803 struct page *page = sw_buf-\u003epage;\n....\nwhere sw_buf was set to NULL after the call to dma_unmap_page()\nby the preceding thread.\n\n EEH: Beginning: \u0027slot_reset\u0027\n PCI 0011:01:00.0#10000: EEH: Invoking bnx2x-\u003eslot_reset()\n bnx2x: [bnx2x_io_slot_reset:14228(eth1)]IO slot reset initializing...\n bnx2x 0011:01:00.0: enabling device (0140 -\u003e 0142)\n bnx2x: [bnx2x_io_slot_reset:14244(eth1)]IO slot reset --\u003e driver unload\n Kernel attempted to read user page (0) - exploit attempt? (uid: 0)\n BUG: Kernel NULL pointer dereference on read at 0x00000000\n Faulting instruction address: 0xc0080000025065fc\n Oops: Kernel access of bad area, sig: 11 [#1]\n .....\n Call Trace:\n [c000000003c67a20] [c00800000250658c] bnx2x_io_slot_reset+0x204/0x610 [bnx2x] (unreliable)\n [c000000003c67af0] [c0000000000518a8] eeh_report_reset+0xb8/0xf0\n [c000000003c67b60] [c000000000052130] eeh_pe_report+0x180/0x550\n [c000000003c67c70] [c00000000005318c] eeh_handle_normal_event+0x84c/0xa60\n [c000000003c67d50] [c000000000053a84] eeh_event_handler+0xf4/0x170\n [c000000003c67da0] [c000000000194c58] kthread+0x1c8/0x1d0\n [c000000003c67e10] [c00000000000cf64] ret_from_kernel_thread+0x5c/0x64\n\nTo solve this issue, we need to verify page pool allocations before\nfreeing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26859",
"url": "https://www.suse.com/security/cve/CVE-2024-26859"
},
{
"category": "external",
"summary": "SUSE Bug 1223049 for CVE-2024-26859",
"url": "https://bugzilla.suse.com/1223049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26859"
},
{
"cve": "CVE-2024-26878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t drop_dquot_ref\n\t\t\t\t\t remove_dquot_ref\n\t\t\t\t\t dquots = i_dquot(inode)\n dquots = i_dquot(inode)\n srcu_read_lock\n dquots[cnt]) != NULL (1)\n\t\t\t\t\t dquots[type] = NULL (2)\n spin_lock(\u0026dquots[cnt]-\u003edq_dqb_lock) (3)\n ....\n\nIf dquot_free_inode(or other routines) checks inode\u0027s quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let\u0027s fix it by using a temporary pointer to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26878",
"url": "https://www.suse.com/security/cve/CVE-2024-26878"
},
{
"category": "external",
"summary": "SUSE Bug 1223060 for CVE-2024-26878",
"url": "https://bugzilla.suse.com/1223060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26878"
},
{
"cve": "CVE-2024-26883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stackmap overflow check on 32-bit arches\n\nThe stackmap code relies on roundup_pow_of_two() to compute the number\nof hash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code.\n\nThe commit in the fixes tag actually attempted to fix this, but the fix\ndid not account for the UB, so the fix only works on CPUs where an\noverflow does result in a neat truncation to zero, which is not\nguaranteed. Checking the value before rounding does not have this\nproblem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26883",
"url": "https://www.suse.com/security/cve/CVE-2024-26883"
},
{
"category": "external",
"summary": "SUSE Bug 1223035 for CVE-2024-26883",
"url": "https://bugzilla.suse.com/1223035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26883"
},
{
"cve": "CVE-2024-26884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix hashtab overflow check on 32-bit arches\n\nThe hashtab code relies on roundup_pow_of_two() to compute the number of\nhash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code. So apply the same\nfix to hashtab, by moving the overflow check to before the roundup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26884",
"url": "https://www.suse.com/security/cve/CVE-2024-26884"
},
{
"category": "external",
"summary": "SUSE Bug 1223189 for CVE-2024-26884",
"url": "https://bugzilla.suse.com/1223189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26884"
},
{
"cve": "CVE-2024-26898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\n\nThis patch is against CVE-2023-6270. The description of cve is:\n\n A flaw was found in the ATA over Ethernet (AoE) driver in the Linux\n kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on\n `struct net_device`, and a use-after-free can be triggered by racing\n between the free on the struct and the access through the `skbtxq`\n global queue. This could lead to a denial of service condition or\n potential code execution.\n\nIn aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial\ncode is finished. But the net_device ifp will still be used in\nlater tx()-\u003edev_queue_xmit() in kthread. Which means that the\ndev_put(ifp) should NOT be called in the success path of skb\ninitial code in aoecmd_cfg_pkts(). Otherwise tx() may run into\nuse-after-free because the net_device is freed.\n\nThis patch removed the dev_put(ifp) in the success path in\naoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26898",
"url": "https://www.suse.com/security/cve/CVE-2024-26898"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1223017 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-26901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak\n\nsyzbot identified a kernel information leak vulnerability in\ndo_sys_name_to_handle() and issued the following report [1].\n\n[1]\n\"BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n do_sys_name_to_handle fs/fhandle.c:73 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n __do_kmalloc_node mm/slab_common.c:1006 [inline]\n __kmalloc+0x121/0x3c0 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n do_sys_name_to_handle fs/fhandle.c:39 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nBytes 18-19 of 20 are uninitialized\nMemory access of size 20 starts at ffff888128a46380\nData copied to user address 0000000020000240\"\n\nPer Chuck Lever\u0027s suggestion, use kzalloc() instead of kmalloc() to\nsolve the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26901",
"url": "https://www.suse.com/security/cve/CVE-2024-26901"
},
{
"category": "external",
"summary": "SUSE Bug 1223198 for CVE-2024-26901",
"url": "https://bugzilla.suse.com/1223198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26901"
},
{
"cve": "CVE-2024-26903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security\n\nDuring our fuzz testing of the connection and disconnection process at the\nRFCOMM layer, we discovered this bug. By comparing the packets from a\nnormal connection and disconnection process with the testcase that\ntriggered a KASAN report. We analyzed the cause of this bug as follows:\n\n1. In the packets captured during a normal connection, the host sends a\n`Read Encryption Key Size` type of `HCI_CMD` packet\n(Command Opcode: 0x1408) to the controller to inquire the length of\nencryption key.After receiving this packet, the controller immediately\nreplies with a Command Completepacket (Event Code: 0x0e) to return the\nEncryption Key Size.\n\n2. In our fuzz test case, the timing of the controller\u0027s response to this\npacket was delayed to an unexpected point: after the RFCOMM and L2CAP\nlayers had disconnected but before the HCI layer had disconnected.\n\n3. After receiving the Encryption Key Size Response at the time described\nin point 2, the host still called the rfcomm_check_security function.\nHowever, by this time `struct l2cap_conn *conn = l2cap_pi(sk)-\u003echan-\u003econn;`\nhad already been released, and when the function executed\n`return hci_conn_security(conn-\u003ehcon, d-\u003esec_level, auth_type, d-\u003eout);`,\nspecifically when accessing `conn-\u003ehcon`, a null-ptr-deref error occurred.\n\nTo fix this bug, check if `sk-\u003esk_state` is BT_CLOSED before calling\nrfcomm_recv_frame in rfcomm_process_rx.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26903",
"url": "https://www.suse.com/security/cve/CVE-2024-26903"
},
{
"category": "external",
"summary": "SUSE Bug 1223187 for CVE-2024-26903",
"url": "https://bugzilla.suse.com/1223187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26903"
},
{
"cve": "CVE-2024-26907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26907"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix fortify source warning while accessing Eth segment\n\n ------------[ cut here ]------------\n memcpy: detected field-spanning write (size 56) of single field \"eseg-\u003einline_hdr.start\" at /var/lib/dkms/mlnx-ofed-kernel/5.8/build/drivers/infiniband/hw/mlx5/wr.c:131 (size 2)\n WARNING: CPU: 0 PID: 293779 at /var/lib/dkms/mlnx-ofed-kernel/5.8/build/drivers/infiniband/hw/mlx5/wr.c:131 mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n Modules linked in: 8021q garp mrp stp llc rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) ib_core(OE) mlx5_core(OE) pci_hyperv_intf mlxdevm(OE) mlx_compat(OE) tls mlxfw(OE) psample nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink mst_pciconf(OE) knem(OE) vfio_pci vfio_pci_core vfio_iommu_type1 vfio iommufd irqbypass cuse nfsv3 nfs fscache netfs xfrm_user xfrm_algo ipmi_devintf ipmi_msghandler binfmt_misc crct10dif_pclmul crc32_pclmul polyval_clmulni polyval_generic ghash_clmulni_intel sha512_ssse3 snd_pcsp aesni_intel crypto_simd cryptd snd_pcm snd_timer joydev snd soundcore input_leds serio_raw evbug nfsd auth_rpcgss nfs_acl lockd grace sch_fq_codel sunrpc drm efi_pstore ip_tables x_tables autofs4 psmouse virtio_net net_failover failover floppy\n [last unloaded: mlx_compat(OE)]\n CPU: 0 PID: 293779 Comm: ssh Tainted: G OE 6.2.0-32-generic #32~22.04.1-Ubuntu\n Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\n RIP: 0010:mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n Code: 0c 01 00 a8 01 75 25 48 8b 75 a0 b9 02 00 00 00 48 c7 c2 10 5b fd c0 48 c7 c7 80 5b fd c0 c6 05 57 0c 03 00 01 e8 95 4d 93 da \u003c0f\u003e 0b 44 8b 4d b0 4c 8b 45 c8 48 8b 4d c0 e9 49 fb ff ff 41 0f b7\n RSP: 0018:ffffb5b48478b570 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffb5b48478b628 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffb5b48478b5e8\n R13: ffff963a3c609b5e R14: ffff9639c3fbd800 R15: ffffb5b480475a80\n FS: 00007fc03b444c80(0000) GS:ffff963a3dc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000556f46bdf000 CR3: 0000000006ac6003 CR4: 00000000003706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x72/0x90\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n ? __warn+0x8d/0x160\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n ? report_bug+0x1bb/0x1d0\n ? handle_bug+0x46/0x90\n ? exc_invalid_op+0x19/0x80\n ? asm_exc_invalid_op+0x1b/0x20\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n mlx5_ib_post_send_nodrain+0xb/0x20 [mlx5_ib]\n ipoib_send+0x2ec/0x770 [ib_ipoib]\n ipoib_start_xmit+0x5a0/0x770 [ib_ipoib]\n dev_hard_start_xmit+0x8e/0x1e0\n ? validate_xmit_skb_list+0x4d/0x80\n sch_direct_xmit+0x116/0x3a0\n __dev_xmit_skb+0x1fd/0x580\n __dev_queue_xmit+0x284/0x6b0\n ? _raw_spin_unlock_irq+0xe/0x50\n ? __flush_work.isra.0+0x20d/0x370\n ? push_pseudo_header+0x17/0x40 [ib_ipoib]\n neigh_connected_output+0xcd/0x110\n ip_finish_output2+0x179/0x480\n ? __smp_call_single_queue+0x61/0xa0\n __ip_finish_output+0xc3/0x190\n ip_finish_output+0x2e/0xf0\n ip_output+0x78/0x110\n ? __pfx_ip_finish_output+0x10/0x10\n ip_local_out+0x64/0x70\n __ip_queue_xmit+0x18a/0x460\n ip_queue_xmit+0x15/0x30\n __tcp_transmit_skb+0x914/0x9c0\n tcp_write_xmit+0x334/0x8d0\n tcp_push_one+0x3c/0x60\n tcp_sendmsg_locked+0x2e1/0xac0\n tcp_sendmsg+0x2d/0x50\n inet_sendmsg+0x43/0x90\n sock_sendmsg+0x68/0x80\n sock_write_iter+0x93/0x100\n vfs_write+0x326/0x3c0\n ksys_write+0xbd/0xf0\n ? do_syscall_64+0x69/0x90\n __x64_sys_write+0x19/0x30\n do_syscall_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26907",
"url": "https://www.suse.com/security/cve/CVE-2024-26907"
},
{
"category": "external",
"summary": "SUSE Bug 1223203 for CVE-2024-26907",
"url": "https://bugzilla.suse.com/1223203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26907"
},
{
"cve": "CVE-2024-26922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: validate the parameters of bo mapping operations more clearly\n\nVerify the parameters of\namdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26922",
"url": "https://www.suse.com/security/cve/CVE-2024-26922"
},
{
"category": "external",
"summary": "SUSE Bug 1223315 for CVE-2024-26922",
"url": "https://bugzilla.suse.com/1223315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26922"
},
{
"cve": "CVE-2024-26929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26929"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26929",
"url": "https://www.suse.com/security/cve/CVE-2024-26929"
},
{
"category": "external",
"summary": "SUSE Bug 1223715 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "external",
"summary": "SUSE Bug 1223716 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix command flush on cable pull\n\nSystem crash due to command failed to flush back to SCSI layer.\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 \u003c49\u003e 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200.\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0\n ? __switch_to+0x10c/0x450\n ? process_one_work+0x1a7/0x360\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201.\n ? worker_thread+0x1ce/0x390\n ? create_worker+0x1a0/0x1a0\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70\n ? kthread+0x10a/0x120\n qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8\n ? set_kthread_struct+0x40/0x40\n qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed.\n ? ret_from_fork+0x1f/0x40\n qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout\n\nThe system was under memory stress where driver was not able to allocate an\nSRB to carry out error recovery of cable pull. The failure to flush causes\nupper layer to start modifying scsi_cmnd. When the system frees up some\nmemory, the subsequent cable pull trigger another command flush. At this\npoint the driver access a null pointer when attempting to DMA unmap the\nSGL.\n\nAdd a check to make sure commands are flush back on session tear down to\nprevent the null pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26931",
"url": "https://www.suse.com/security/cve/CVE-2024-26931"
},
{
"category": "external",
"summary": "SUSE Bug 1223627 for CVE-2024-26931",
"url": "https://bugzilla.suse.com/1223627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add a dc_state NULL check in dc_state_release\n\n[How]\nCheck wheather state is NULL before releasing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26948",
"url": "https://www.suse.com/security/cve/CVE-2024-26948"
},
{
"category": "external",
"summary": "SUSE Bug 1223664 for CVE-2024-26948",
"url": "https://bugzilla.suse.com/1223664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26948"
},
{
"cve": "CVE-2024-26993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26993",
"url": "https://www.suse.com/security/cve/CVE-2024-26993"
},
{
"category": "external",
"summary": "SUSE Bug 1223693 for CVE-2024-26993",
"url": "https://bugzilla.suse.com/1223693"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-27013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: limit printing rate when illegal packet received by tun dev\n\nvhost_worker will call tun call backs to receive packets. If too many\nillegal packets arrives, tun_do_read will keep dumping packet contents.\nWhen console is enabled, it will costs much more cpu time to dump\npacket and soft lockup will be detected.\n\nnet_ratelimit mechanism can be used to limit the dumping rate.\n\nPID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: \"vhost-32980\"\n #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253\n #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3\n #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e\n #3 [fffffe00003fced0] do_nmi at ffffffff8922660d\n #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663\n [exception RIP: io_serial_in+20]\n RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002\n RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000\n RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff8af428a0\n RBP: 0000000000002710 R8: 0000000000000004 R9: 000000000000000f\n R10: 0000000000000000 R11: ffffffff8acbf64f R12: 0000000000000020\n R13: ffffffff8acbf698 R14: 0000000000000058 R15: 0000000000000000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #5 [ffffa655314979e8] io_serial_in at ffffffff89792594\n #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470\n #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6\n #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605\n #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558\n #10 [ffffa65531497ac8] console_unlock at ffffffff89316124\n #11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07\n #12 [ffffa65531497b68] printk at ffffffff89318306\n #13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765\n #14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]\n #15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]\n #16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]\n #17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]\n #18 [ffffa65531497f10] kthread at ffffffff892d2e72\n #19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27013",
"url": "https://www.suse.com/security/cve/CVE-2024-27013"
},
{
"category": "external",
"summary": "SUSE Bug 1223745 for CVE-2024-27013",
"url": "https://bugzilla.suse.com/1223745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Prevent deadlock while disabling aRFS\n\nWhen disabling aRFS under the `priv-\u003estate_lock`, any scheduled\naRFS works are canceled using the `cancel_work_sync` function,\nwhich waits for the work to end if it has already started.\nHowever, while waiting for the work handler, the handler will\ntry to acquire the `state_lock` which is already acquired.\n\nThe worker acquires the lock to delete the rules if the state\nis down, which is not the worker\u0027s responsibility since\ndisabling aRFS deletes the rules.\n\nAdd an aRFS state variable, which indicates whether the aRFS is\nenabled and prevent adding rules when the aRFS is disabled.\n\nKernel log:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.7.0-rc4_net_next_mlx5_5483eb2 #1 Tainted: G I\n------------------------------------------------------\nethtool/386089 is trying to acquire lock:\nffff88810f21ce68 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}, at: __flush_work+0x74/0x4e0\n\nbut task is already holding lock:\nffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026priv-\u003estate_lock){+.+.}-{3:3}:\n __mutex_lock+0x80/0xc90\n arfs_handle_work+0x4b/0x3b0 [mlx5_core]\n process_one_work+0x1dc/0x4a0\n worker_thread+0x1bf/0x3c0\n kthread+0xd7/0x100\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n\n-\u003e #0 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}:\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n __flush_work+0x7a/0x4e0\n __cancel_work_timer+0x131/0x1c0\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1a1/0x270\n netlink_sendmsg+0x214/0x460\n __sock_sendmsg+0x38/0x60\n __sys_sendto+0x113/0x170\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n\n *** DEADLOCK ***\n\n3 locks held by ethtool/386089:\n #0: ffffffff82ea7210 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40\n #1: ffffffff82e94c88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0xd3/0x240\n #2: ffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nstack backtrace:\nCPU: 15 PID: 386089 Comm: ethtool Tainted: G I 6.7.0-rc4_net_next_mlx5_5483eb2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x60/0xa0\n check_noncircular+0x144/0x160\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n ? __flush_work+0x74/0x4e0\n ? save_trace+0x3e/0x360\n ? __flush_work+0x74/0x4e0\n __flush_work+0x7a/0x4e0\n ? __flush_work+0x74/0x4e0\n ? __lock_acquire+0xa78/0x2c80\n ? lock_acquire+0xd0/0x2b0\n ? mark_held_locks+0x49/0x70\n __cancel_work_timer+0x131/0x1c0\n ? mark_held_locks+0x49/0x70\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n ? ethn\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27014",
"url": "https://www.suse.com/security/cve/CVE-2024-27014"
},
{
"category": "external",
"summary": "SUSE Bug 1223735 for CVE-2024-27014",
"url": "https://bugzilla.suse.com/1223735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27014"
},
{
"cve": "CVE-2024-27043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-\u003e dvb_dmxdev_init\n |-\u003e dvb_register_device\n |-\u003e dvb_dmxdev_release\n |-\u003e dvb_unregister_device\n |-\u003e dvb_remove_device\n |-\u003e dvb_device_put\n |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27043",
"url": "https://www.suse.com/security/cve/CVE-2024-27043"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223824 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "external",
"summary": "SUSE Bug 1223825 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "important"
}
],
"title": "CVE-2024-27043"
},
{
"cve": "CVE-2024-27046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27046",
"url": "https://www.suse.com/security/cve/CVE-2024-27046"
},
{
"category": "external",
"summary": "SUSE Bug 1223827 for CVE-2024-27046",
"url": "https://bugzilla.suse.com/1223827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27046"
},
{
"cve": "CVE-2024-27054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27054",
"url": "https://www.suse.com/security/cve/CVE-2024-27054"
},
{
"category": "external",
"summary": "SUSE Bug 1223819 for CVE-2024-27054",
"url": "https://bugzilla.suse.com/1223819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: usbtv: Remove useless locks in usbtv_video_free()\n\nRemove locks calls in usbtv_video_free() because\nare useless and may led to a deadlock as reported here:\nhttps://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000\nAlso remove usbtv_stop() call since it will be called when\nunregistering the device.\n\nBefore \u0027c838530d230b\u0027 this issue would only be noticed if you\ndisconnect while streaming and now it is noticeable even when\ndisconnecting while not streaming.\n\n\n[hverkuil: fix minor spelling mistake in log message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27072",
"url": "https://www.suse.com/security/cve/CVE-2024-27072"
},
{
"category": "external",
"summary": "SUSE Bug 1223837 for CVE-2024-27072",
"url": "https://bugzilla.suse.com/1223837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27072"
},
{
"cve": "CVE-2024-27073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ttpci: fix two memleaks in budget_av_attach\n\nWhen saa7146_register_device and saa7146_vv_init fails, budget_av_attach\nshould free the resources it allocates, like the error-handling of\nttpci_budget_init does. Besides, there are two fixme comment refers to\nsuch deallocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27073",
"url": "https://www.suse.com/security/cve/CVE-2024-27073"
},
{
"category": "external",
"summary": "SUSE Bug 1223843 for CVE-2024-27073",
"url": "https://bugzilla.suse.com/1223843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27073"
},
{
"cve": "CVE-2024-27074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: go7007: fix a memleak in go7007_load_encoder\n\nIn go7007_load_encoder, bounce(i.e. go-\u003eboot_fw), is allocated without\na deallocation thereafter. After the following call chain:\n\nsaa7134_go7007_init\n |-\u003e go7007_boot_encoder\n |-\u003e go7007_load_encoder\n |-\u003e kfree(go)\n\ngo is freed and thus bounce is leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27074",
"url": "https://www.suse.com/security/cve/CVE-2024-27074"
},
{
"category": "external",
"summary": "SUSE Bug 1223844 for CVE-2024-27074",
"url": "https://bugzilla.suse.com/1223844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27074"
},
{
"cve": "CVE-2024-27075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: avoid stack overflow warnings with clang\n\nA previous patch worked around a KASAN issue in stv0367, now a similar\nproblem showed up with clang:\n\ndrivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in \u0027stv0367ter_set_frontend\u0027 [-Werror,-Wframe-larger-than]\n 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe)\n\nRework the stv0367_writereg() function to be simpler and mark both\nregister access functions as noinline_for_stack so the temporary\ni2c_msg structures do not get duplicated on the stack when KASAN_STACK\nis enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27075",
"url": "https://www.suse.com/security/cve/CVE-2024-27075"
},
{
"category": "external",
"summary": "SUSE Bug 1223842 for CVE-2024-27075",
"url": "https://bugzilla.suse.com/1223842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27075"
},
{
"cve": "CVE-2024-27078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-tpg: fix some memleaks in tpg_alloc\n\nIn tpg_alloc, resources should be deallocated in each and every\nerror-handling paths, since they are allocated in for statements.\nOtherwise there would be memleaks because tpg_free is called only when\ntpg_alloc return 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27078",
"url": "https://www.suse.com/security/cve/CVE-2024-27078"
},
{
"category": "external",
"summary": "SUSE Bug 1223781 for CVE-2024-27078",
"url": "https://bugzilla.suse.com/1223781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27078"
},
{
"cve": "CVE-2024-27388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27388",
"url": "https://www.suse.com/security/cve/CVE-2024-27388"
},
{
"category": "external",
"summary": "SUSE Bug 1223744 for CVE-2024-27388",
"url": "https://bugzilla.suse.com/1223744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.182.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.182.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:30:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27388"
}
]
}
suse-su-2024:1979-1
Vulnerability from csaf_suse
Published
2024-06-11 07:41
Modified
2024-06-11 07:41
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2022-48686: Fix UAF when detecting digest errors (bsc#1223948). Update blacklist.conf: remove entry
- CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).
- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).
- CVE-2022-48697: Fix a use-after-free (bsc#1223922). Update blacklist.conf: drop entry from it
- CVE-2024-26846: Do not wait in vain when unloading module (bsc#1223023).
- CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)
- CVE-2023-42755: Check user supplied offsets (bsc#1215702).
- CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).
- CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).
- CVE-2021-47246: Fix page reclaim for dead peer hairpin (bsc#1224831).
- CVE-2023-52732: Blocklist the kclient when receiving corrupted snap trace (bsc#1225222 CVE-2023-52732).
- CVE-2024-35936: Add missing mutex_unlock in btrfs_relocate_sys_chunks() (bsc#1224644)
- CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506)
- CVE-2024-36029: Pervent access to suspended controller (bsc#1225708 CVE-2024-36029)
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2021-47352: Add validation for used length (bsc#1225124).
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)
- CVE-2021-47431: Fix gart.bo pin_count leak (bsc#1225390).
- CVE-2024-35935: Handle path ref underflow in header iterate_inode_ref() (bsc#1224645)
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2021-47423: Fix file release memory leak (bsc#1225366).
- CVE-2022-48710: Fix a possible null pointer dereference (bsc#1225230).
- CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).
- CVE-2024-35932: Do not check if plane->state->fb == state->fb (bsc#1224650).
- CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).
- CVE-2024-35809: Drain runtime-idle callbacks before driver removal (bsc#1224738).
- CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208).
- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
- CVE-2021-47509: Limit the period size to 16MB (bsc#1225409).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35982: Avoid infinite loop trying to resize local TT (bsc#1224566)
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2021-47277: Avoid speculation-based attacks from out-of-range memslot accesses (bsc#1224960, CVE-2021-47277).
- CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725).
- CVE-2021-47401: Fix stack information leak (bsc#1225242).
- CVE-2023-52867: Fix possible buffer overflow (bsc#1225009).
- CVE-2023-52821: Fix a possible null pointer dereference (bsc#1225022).
- CVE-2021-47265: Verify port when creating flow rule (bsc#1224957)
- CVE-2021-47362: Update intermediate power state for SI (bsc#1225153).
- CVE-2021-47361: Fix error handling in mcb_alloc_bus() (bsc#1225151).
- CVE-2023-52864: Fix opening of char device (bsc#1225132).
- CVE-2022-48708: Fix potential NULL dereference (bsc#1224942).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2021-47238: Fix memory leak in ip_mc_add1_src (bsc#1224847)
- CVE-2023-52730: Fix possible resource leaks in some error paths (bsc#1224956).
- CVE-2021-47355: Fix possible use-after-free in nicstar_cleanup() (bsc#1225141).
- CVE-2021-47245: Fix out of bounds when parsing TCP options (bsc#1224838)
- CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).
- CVE-2023-52747: Restore allocated resources on failed copyout (bsc#1224931)
- CVE-2021-47249: Fix memory leak in rds_recvmsg (bsc#1224880)
- CVE-2021-47397: Break out if skb_header_pointer returns NULL in sctp_rcv_ootb (bsc#1225082)
- CVE-2021-47250: Fix memory leak in netlbl_cipsov4_add_std (bsc#1224827)
- CVE-2024-35849: Fix information leak in btrfs_ioctl_logical_to_ino() (bsc#1224733).
- CVE-2024-27436: Stop parsing channels bits when all channels are found (bsc#1224803).
- CVE-2021-47281: Fix race of snd_seq_timer_open() (bsc#1224983).
- CVE-2024-35789: Clear fast rx for non-4addr in VLAN netdev (bsc#1224749).
- CVE-2024-35830: Register v4l2 async device only after successful setup (bsc#1224680).
- CVE-2021-47334: Fix two use after free in ibmasm_init_one (bsc#1225112).
- CVE-2021-47357: Fix possible use-after-free in ia_module_exit() (bsc#1225144).
- CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).
- CVE-2023-52865: Add check for mtk_alloc_clk_data (bsc#1225086).
- CVE-2024-35887: Fix use-after-free bugs caused by ax25_ds_del_timer (bsc#1224663)
- CVE-2021-47483: Fixed possible double-free in regcache_rbtree_exit() (bsc#1224907).
- CVE-2024-26957: Fix reference counting on zcrypt card objects (bsc#1223666).
- CVE-2023-52691: Fix a double-free in si_dpm_init (bsc#1224607).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
- CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).
- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
- CVE-2024-26984: Fix instmem race condition around ptr stores (bsc#1223633)
- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
- CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2022-48704: Add a force flush to delay work when radeon (bsc#1223932)
- CVE-2021-47206: Check return value after calling platform_get_resource() (bsc#1222894).
- CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)
- CVE-2024-26996: Fix UAF ncm object at re-bind after usb transport error (bsc#1223752).
- CVE-2024-26874: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (bsc#1223048)
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
The following non-security bugs were fixed:
- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- assoc_array: Fix BUG_ON during garbage collect.
- autofs: fix a leak in autofs_expire_indirect() (git-fixes)
- Bluetooth: btusb: Some Qualcomm Bluetooth adapters stop working (git-fixes).
- btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit (git-fixes)
- btrfs: check if root is readonly while setting security xattr (git-fixes)
- btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (git-fixes)
- btrfs: do not get an EINTR during drop_snapshot for reloc (git-fixes)
- btrfs: do not stop integrity writeback too early (git-fixes)
- btrfs: Explicitly handle btrfs_update_root failure (git-fixes)
- btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP (git-fixes)
- btrfs: fix btrfs_prev_leaf() to not return the same key twice (git-fixes)
- btrfs: fix deadlock when writing out space cache (git-fixes)
- Btrfs: fix incorrect {node,sector}size endianness from BTRFS_IOC_FS_INFO (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix lost error handling when looking up extended ref on log replay (git-fixes)
- btrfs: Fix NULL pointer exception in find_bio_stripe (git-fixes)
- btrfs: Fix out of bounds access in btrfs_search_slot (git-fixes)
- btrfs: fix race when deleting quota root from the dirty cow roots list (git-fixes)
- btrfs: fix range_end calculation in extent_write_locked_range (git-fixes)
- btrfs: fix return value mixup in btrfs_get_extent (git-fixes)
- btrfs: fix unaligned access in readdir (git-fixes)
- btrfs: limit device extents to the device size (git-fixes)
- btrfs: prevent to set invalid default subvolid (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: scrub: reject unsupported scrub flags (git-fixes)
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: in case of IO error log it (git-fixes)
- btrfs: send: limit number of clones and allocated memory size (git-fixes)
- btrfs: sysfs: use NOFS for device creation (git-fixes) Adjustment: add #include
- btrfs: tree-checker: add missing return after error in root_item (git-fixes)
- btrfs: tree-checker: add missing returns after data_ref alignment checks (git-fixes)
- btrfs: tree-checker: do not error out if extent ref hash does not match (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: tree-checker: Fix misleading group system information (git-fixes)
- btrfs: undo writable superblocke when sprouting fails (git-fixes)
- btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl (git-fixes)
- ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() (git-fixes)
- ecryptfs: fix a memory leak bug in parse_tag_1_packet() (git-fixes)
- ecryptfs: fix kernel panic with null dev_name (git-fixes)
- ecryptfs: Fix typo in message (git-fixes)
- ep_create_wakeup_source(): dentry name can change under you (git-fixes)
- exportfs_decode_fh(): negative pinned may become positive without the parent locked (git-fixes)
- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes (git-fixes)
- fscrypt: clean up some BUG_ON()s in block encryption/decryption (git-fixes)
- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (git-fixes).
- ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1225059).
- l2tp: pass correct message length to ip6_append_data (git-fixes).
- lib/mpi: use kcalloc in mpi_resize (git-fixes).
- list: fix a data-race around ep->rdllist (git-fixes).
- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).
- net/smc: fix fallback failed while sendmsg with fastopen (git-fixes).
- netfilter: nf_queue: augment nfqa_cfg_policy (git-fixes).
- netfilter: nft_compat: explicitly reject ERROR and standard target (git-fixes).
- netfilter: x_tables: set module owner for icmp(6) matches (git-fixes).
- nfc: change order inside nfc_se_io error path (git-fixes).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- ppdev: Add an error check in register_device (git-fixes).
- rds: avoid unenecessary cong_update in loop transport (git-fixes).
- rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp (git-fixes).
- ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (bsc#1222893).
- rxrpc: Do not put crypto buffers on the stack (git-fixes).
- rxrpc: Fix a memory leak in rxkad_verify_response() (git-fixes).
- rxrpc: Provide a different lockdep key for call->user_mutex for kernel calls (git-fixes).
- rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing (git-fixes).
- rxrpc: Work around usercopy check (git-fixes).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224347).
- s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1225062).
- tcp: tcp_make_synack() can be called from process context (git-fixes).
- tracing: Fix blocked reader of snapshot buffer (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tracing: Use strncpy instead of memcpy when copying comm in trace.c (git-fixes).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- wifi: cfg80211: avoid leaking stack data into trace (git-fixes).
- wifi: radiotap: fix kernel-doc notation warnings (git-fixes).
Patchnames
SUSE-2024-1979,SUSE-SLE-SERVER-12-SP5-2024-1979
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).\n- CVE-2022-48686: Fix UAF when detecting digest errors (bsc#1223948). Update blacklist.conf: remove entry\n- CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).\n- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).\n- CVE-2022-48697: Fix a use-after-free (bsc#1223922). Update blacklist.conf: drop entry from it\n- CVE-2024-26846: Do not wait in vain when unloading module (bsc#1223023).\n- CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)\n- CVE-2023-42755: Check user supplied offsets (bsc#1215702).\n- CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).\n- CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).\n- CVE-2021-47246: Fix page reclaim for dead peer hairpin (bsc#1224831).\n- CVE-2023-52732: Blocklist the kclient when receiving corrupted snap trace (bsc#1225222 CVE-2023-52732).\n- CVE-2024-35936: Add missing mutex_unlock in btrfs_relocate_sys_chunks() (bsc#1224644)\n- CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506)\n- CVE-2024-36029: Pervent access to suspended controller (bsc#1225708 CVE-2024-36029)\n- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)\n- CVE-2021-47352: Add validation for used length (bsc#1225124).\n- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)\n- CVE-2021-47431: Fix gart.bo pin_count leak (bsc#1225390).\n- CVE-2024-35935: Handle path ref underflow in header iterate_inode_ref() (bsc#1224645)\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).\n- CVE-2021-47423: Fix file release memory leak (bsc#1225366).\n- CVE-2022-48710: Fix a possible null pointer dereference (bsc#1225230).\n- CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).\n- CVE-2024-35932: Do not check if plane-\u003estate-\u003efb == state-\u003efb (bsc#1224650).\n- CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).\n- CVE-2024-35809: Drain runtime-idle callbacks before driver removal (bsc#1224738).\n- CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208).\n- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).\n- CVE-2021-47509: Limit the period size to 16MB (bsc#1225409).\n- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).\n- CVE-2024-35982: Avoid infinite loop trying to resize local TT (bsc#1224566)\n- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).\n- CVE-2021-47277: Avoid speculation-based attacks from out-of-range memslot accesses (bsc#1224960, CVE-2021-47277).\n- CVE-2024-35791: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region() (bsc#1224725).\n- CVE-2021-47401: Fix stack information leak (bsc#1225242).\n- CVE-2023-52867: Fix possible buffer overflow (bsc#1225009).\n- CVE-2023-52821: Fix a possible null pointer dereference (bsc#1225022).\n- CVE-2021-47265: Verify port when creating flow rule (bsc#1224957)\n- CVE-2021-47362: Update intermediate power state for SI (bsc#1225153).\n- CVE-2021-47361: Fix error handling in mcb_alloc_bus() (bsc#1225151).\n- CVE-2023-52864: Fix opening of char device (bsc#1225132).\n- CVE-2022-48708: Fix potential NULL dereference (bsc#1224942).\n- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).\n- CVE-2021-47238: Fix memory leak in ip_mc_add1_src (bsc#1224847)\n- CVE-2023-52730: Fix possible resource leaks in some error paths (bsc#1224956).\n- CVE-2021-47355: Fix possible use-after-free in nicstar_cleanup() (bsc#1225141).\n- CVE-2021-47245: Fix out of bounds when parsing TCP options (bsc#1224838)\n- CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).\n- CVE-2023-52747: Restore allocated resources on failed copyout (bsc#1224931)\n- CVE-2021-47249: Fix memory leak in rds_recvmsg (bsc#1224880)\n- CVE-2021-47397: Break out if skb_header_pointer returns NULL in sctp_rcv_ootb (bsc#1225082)\n- CVE-2021-47250: Fix memory leak in netlbl_cipsov4_add_std (bsc#1224827)\n- CVE-2024-35849: Fix information leak in btrfs_ioctl_logical_to_ino() (bsc#1224733).\n- CVE-2024-27436: Stop parsing channels bits when all channels are found (bsc#1224803).\n- CVE-2021-47281: Fix race of snd_seq_timer_open() (bsc#1224983).\n- CVE-2024-35789: Clear fast rx for non-4addr in VLAN netdev (bsc#1224749).\n- CVE-2024-35830: Register v4l2 async device only after successful setup (bsc#1224680).\n- CVE-2021-47334: Fix two use after free in ibmasm_init_one (bsc#1225112).\n- CVE-2021-47357: Fix possible use-after-free in ia_module_exit() (bsc#1225144).\n- CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).\n- CVE-2023-52865: Add check for mtk_alloc_clk_data (bsc#1225086).\n- CVE-2024-35887: Fix use-after-free bugs caused by ax25_ds_del_timer (bsc#1224663)\n- CVE-2021-47483: Fixed possible double-free in regcache_rbtree_exit() (bsc#1224907).\n- CVE-2024-26957: Fix reference counting on zcrypt card objects (bsc#1223666).\n- CVE-2023-52691: Fix a double-free in si_dpm_init (bsc#1224607).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).\n- CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).\n- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).\n- CVE-2024-26984: Fix instmem race condition around ptr stores (bsc#1223633)\n- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).\n- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).\n- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).\n- CVE-2024-26900: Fixed kmemleak of rdev-\u003eserial (bsc#1223046).\n- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).\n- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).\n- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).\n- CVE-2022-48704: Add a force flush to delay work when radeon (bsc#1223932)\n- CVE-2021-47206: Check return value after calling platform_get_resource() (bsc#1222894).\n- CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)\n- CVE-2024-26996: Fix UAF ncm object at re-bind after usb transport error (bsc#1223752).\n- CVE-2024-26874: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (bsc#1223048)\n- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).\n\nThe following non-security bugs were fixed:\n\n- af_unix: annote lockless accesses to unix_tot_inflight \u0026 gc_in_progress (bsc#1223384).\n- af_unix: Do not use atomic ops for unix_sk(sk)-\u003einflight (bsc#1223384).\n- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).\n- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).\n- assoc_array: Fix BUG_ON during garbage collect.\n- autofs: fix a leak in autofs_expire_indirect() (git-fixes)\n- Bluetooth: btusb: Some Qualcomm Bluetooth adapters stop working (git-fixes).\n- btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit (git-fixes)\n- btrfs: check if root is readonly while setting security xattr (git-fixes)\n- btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (git-fixes)\n- btrfs: do not get an EINTR during drop_snapshot for reloc (git-fixes)\n- btrfs: do not stop integrity writeback too early (git-fixes)\n- btrfs: Explicitly handle btrfs_update_root failure (git-fixes)\n- btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP (git-fixes)\n- btrfs: fix btrfs_prev_leaf() to not return the same key twice (git-fixes)\n- btrfs: fix deadlock when writing out space cache (git-fixes)\n- Btrfs: fix incorrect {node,sector}size endianness from BTRFS_IOC_FS_INFO (git-fixes)\n- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)\n- btrfs: fix lost error handling when looking up extended ref on log replay (git-fixes)\n- btrfs: Fix NULL pointer exception in find_bio_stripe (git-fixes)\n- btrfs: Fix out of bounds access in btrfs_search_slot (git-fixes)\n- btrfs: fix race when deleting quota root from the dirty cow roots list (git-fixes)\n- btrfs: fix range_end calculation in extent_write_locked_range (git-fixes)\n- btrfs: fix return value mixup in btrfs_get_extent (git-fixes)\n- btrfs: fix unaligned access in readdir (git-fixes)\n- btrfs: limit device extents to the device size (git-fixes)\n- btrfs: prevent to set invalid default subvolid (git-fixes)\n- btrfs: record delayed inode root in transaction (git-fixes)\n- btrfs: scrub: reject unsupported scrub flags (git-fixes)\n- btrfs: send: ensure send_fd is writable (git-fixes)\n- btrfs: send: in case of IO error log it (git-fixes)\n- btrfs: send: limit number of clones and allocated memory size (git-fixes)\n- btrfs: sysfs: use NOFS for device creation (git-fixes) Adjustment: add #include\n- btrfs: tree-checker: add missing return after error in root_item (git-fixes)\n- btrfs: tree-checker: add missing returns after data_ref alignment checks (git-fixes)\n- btrfs: tree-checker: do not error out if extent ref hash does not match (git-fixes)\n- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)\n- btrfs: tree-checker: Fix misleading group system information (git-fixes)\n- btrfs: undo writable superblocke when sprouting fails (git-fixes)\n- btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl (git-fixes)\n- ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() (git-fixes)\n- ecryptfs: fix a memory leak bug in parse_tag_1_packet() (git-fixes)\n- ecryptfs: fix kernel panic with null dev_name (git-fixes)\n- ecryptfs: Fix typo in message (git-fixes)\n- ep_create_wakeup_source(): dentry name can change under you (git-fixes)\n- exportfs_decode_fh(): negative pinned may become positive without the parent locked (git-fixes)\n- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes (git-fixes)\n- fscrypt: clean up some BUG_ON()s in block encryption/decryption (git-fixes)\n- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (git-fixes).\n- ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (git-fixes).\n- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).\n- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1225059).\n- l2tp: pass correct message length to ip6_append_data (git-fixes).\n- lib/mpi: use kcalloc in mpi_resize (git-fixes).\n- list: fix a data-race around ep-\u003erdllist (git-fixes).\n- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).\n- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).\n- net: usb: ax88179_178a: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: smsc95xx: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: sr9700: stop lying about skb-\u003etruesize (git-fixes).\n- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).\n- net/smc: fix fallback failed while sendmsg with fastopen (git-fixes).\n- netfilter: nf_queue: augment nfqa_cfg_policy (git-fixes).\n- netfilter: nft_compat: explicitly reject ERROR and standard target (git-fixes).\n- netfilter: x_tables: set module owner for icmp(6) matches (git-fixes).\n- nfc: change order inside nfc_se_io error path (git-fixes).\n- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).\n- ppdev: Add an error check in register_device (git-fixes).\n- rds: avoid unenecessary cong_update in loop transport (git-fixes).\n- rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp (git-fixes).\n- ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).\n- ring-buffer: Fix a race between readers and resize checks (bsc#1222893).\n- rxrpc: Do not put crypto buffers on the stack (git-fixes).\n- rxrpc: Fix a memory leak in rxkad_verify_response() (git-fixes).\n- rxrpc: Provide a different lockdep key for call-\u003euser_mutex for kernel calls (git-fixes).\n- rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing (git-fixes).\n- rxrpc: Work around usercopy check (git-fixes).\n- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224347).\n- s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1225062).\n- tcp: tcp_make_synack() can be called from process context (git-fixes).\n- tracing: Fix blocked reader of snapshot buffer (git-fixes).\n- tracing: hide unused ftrace_event_id_fops (git-fixes).\n- tracing: Use .flush() call to wake up readers (git-fixes).\n- tracing: Use strncpy instead of memcpy when copying comm in trace.c (git-fixes).\n- usb: aqc111: stop lying about skb-\u003etruesize (git-fixes).\n- wifi: cfg80211: avoid leaking stack data into trace (git-fixes).\n- wifi: radiotap: fix kernel-doc notation warnings (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1979,SUSE-SLE-SERVER-12-SP5-2024-1979",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1979-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1979-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241979-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1979-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-June/035536.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1101816",
"url": "https://bugzilla.suse.com/1101816"
},
{
"category": "self",
"summary": "SUSE Bug 1181674",
"url": "https://bugzilla.suse.com/1181674"
},
{
"category": "self",
"summary": "SUSE Bug 1185902",
"url": "https://bugzilla.suse.com/1185902"
},
{
"category": "self",
"summary": "SUSE Bug 1187716",
"url": "https://bugzilla.suse.com/1187716"
},
{
"category": "self",
"summary": "SUSE Bug 1188616",
"url": "https://bugzilla.suse.com/1188616"
},
{
"category": "self",
"summary": "SUSE Bug 1190317",
"url": "https://bugzilla.suse.com/1190317"
},
{
"category": "self",
"summary": "SUSE Bug 1190795",
"url": "https://bugzilla.suse.com/1190795"
},
{
"category": "self",
"summary": "SUSE Bug 1191452",
"url": "https://bugzilla.suse.com/1191452"
},
{
"category": "self",
"summary": "SUSE Bug 1194591",
"url": "https://bugzilla.suse.com/1194591"
},
{
"category": "self",
"summary": "SUSE Bug 1197760",
"url": "https://bugzilla.suse.com/1197760"
},
{
"category": "self",
"summary": "SUSE Bug 1206213",
"url": "https://bugzilla.suse.com/1206213"
},
{
"category": "self",
"summary": "SUSE Bug 1206646",
"url": "https://bugzilla.suse.com/1206646"
},
{
"category": "self",
"summary": "SUSE Bug 1207186",
"url": "https://bugzilla.suse.com/1207186"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1210335",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "self",
"summary": "SUSE Bug 1215702",
"url": "https://bugzilla.suse.com/1215702"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1217169",
"url": "https://bugzilla.suse.com/1217169"
},
{
"category": "self",
"summary": "SUSE Bug 1217519",
"url": "https://bugzilla.suse.com/1217519"
},
{
"category": "self",
"summary": "SUSE Bug 1220487",
"url": "https://bugzilla.suse.com/1220487"
},
{
"category": "self",
"summary": "SUSE Bug 1220854",
"url": "https://bugzilla.suse.com/1220854"
},
{
"category": "self",
"summary": "SUSE Bug 1220928",
"url": "https://bugzilla.suse.com/1220928"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221081",
"url": "https://bugzilla.suse.com/1221081"
},
{
"category": "self",
"summary": "SUSE Bug 1221086",
"url": "https://bugzilla.suse.com/1221086"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1221994",
"url": "https://bugzilla.suse.com/1221994"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222627",
"url": "https://bugzilla.suse.com/1222627"
},
{
"category": "self",
"summary": "SUSE Bug 1222667",
"url": "https://bugzilla.suse.com/1222667"
},
{
"category": "self",
"summary": "SUSE Bug 1222671",
"url": "https://bugzilla.suse.com/1222671"
},
{
"category": "self",
"summary": "SUSE Bug 1222893",
"url": "https://bugzilla.suse.com/1222893"
},
{
"category": "self",
"summary": "SUSE Bug 1222894",
"url": "https://bugzilla.suse.com/1222894"
},
{
"category": "self",
"summary": "SUSE Bug 1223023",
"url": "https://bugzilla.suse.com/1223023"
},
{
"category": "self",
"summary": "SUSE Bug 1223046",
"url": "https://bugzilla.suse.com/1223046"
},
{
"category": "self",
"summary": "SUSE Bug 1223048",
"url": "https://bugzilla.suse.com/1223048"
},
{
"category": "self",
"summary": "SUSE Bug 1223084",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "self",
"summary": "SUSE Bug 1223138",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "self",
"summary": "SUSE Bug 1223207",
"url": "https://bugzilla.suse.com/1223207"
},
{
"category": "self",
"summary": "SUSE Bug 1223360",
"url": "https://bugzilla.suse.com/1223360"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223633",
"url": "https://bugzilla.suse.com/1223633"
},
{
"category": "self",
"summary": "SUSE Bug 1223653",
"url": "https://bugzilla.suse.com/1223653"
},
{
"category": "self",
"summary": "SUSE Bug 1223666",
"url": "https://bugzilla.suse.com/1223666"
},
{
"category": "self",
"summary": "SUSE Bug 1223671",
"url": "https://bugzilla.suse.com/1223671"
},
{
"category": "self",
"summary": "SUSE Bug 1223738",
"url": "https://bugzilla.suse.com/1223738"
},
{
"category": "self",
"summary": "SUSE Bug 1223752",
"url": "https://bugzilla.suse.com/1223752"
},
{
"category": "self",
"summary": "SUSE Bug 1223834",
"url": "https://bugzilla.suse.com/1223834"
},
{
"category": "self",
"summary": "SUSE Bug 1223922",
"url": "https://bugzilla.suse.com/1223922"
},
{
"category": "self",
"summary": "SUSE Bug 1223932",
"url": "https://bugzilla.suse.com/1223932"
},
{
"category": "self",
"summary": "SUSE Bug 1223948",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "self",
"summary": "SUSE Bug 1224096",
"url": "https://bugzilla.suse.com/1224096"
},
{
"category": "self",
"summary": "SUSE Bug 1224174",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "self",
"summary": "SUSE Bug 1224181",
"url": "https://bugzilla.suse.com/1224181"
},
{
"category": "self",
"summary": "SUSE Bug 1224347",
"url": "https://bugzilla.suse.com/1224347"
},
{
"category": "self",
"summary": "SUSE Bug 1224482",
"url": "https://bugzilla.suse.com/1224482"
},
{
"category": "self",
"summary": "SUSE Bug 1224511",
"url": "https://bugzilla.suse.com/1224511"
},
{
"category": "self",
"summary": "SUSE Bug 1224525",
"url": "https://bugzilla.suse.com/1224525"
},
{
"category": "self",
"summary": "SUSE Bug 1224566",
"url": "https://bugzilla.suse.com/1224566"
},
{
"category": "self",
"summary": "SUSE Bug 1224580",
"url": "https://bugzilla.suse.com/1224580"
},
{
"category": "self",
"summary": "SUSE Bug 1224592",
"url": "https://bugzilla.suse.com/1224592"
},
{
"category": "self",
"summary": "SUSE Bug 1224601",
"url": "https://bugzilla.suse.com/1224601"
},
{
"category": "self",
"summary": "SUSE Bug 1224607",
"url": "https://bugzilla.suse.com/1224607"
},
{
"category": "self",
"summary": "SUSE Bug 1224621",
"url": "https://bugzilla.suse.com/1224621"
},
{
"category": "self",
"summary": "SUSE Bug 1224644",
"url": "https://bugzilla.suse.com/1224644"
},
{
"category": "self",
"summary": "SUSE Bug 1224645",
"url": "https://bugzilla.suse.com/1224645"
},
{
"category": "self",
"summary": "SUSE Bug 1224648",
"url": "https://bugzilla.suse.com/1224648"
},
{
"category": "self",
"summary": "SUSE Bug 1224650",
"url": "https://bugzilla.suse.com/1224650"
},
{
"category": "self",
"summary": "SUSE Bug 1224663",
"url": "https://bugzilla.suse.com/1224663"
},
{
"category": "self",
"summary": "SUSE Bug 1224671",
"url": "https://bugzilla.suse.com/1224671"
},
{
"category": "self",
"summary": "SUSE Bug 1224676",
"url": "https://bugzilla.suse.com/1224676"
},
{
"category": "self",
"summary": "SUSE Bug 1224680",
"url": "https://bugzilla.suse.com/1224680"
},
{
"category": "self",
"summary": "SUSE Bug 1224682",
"url": "https://bugzilla.suse.com/1224682"
},
{
"category": "self",
"summary": "SUSE Bug 1224725",
"url": "https://bugzilla.suse.com/1224725"
},
{
"category": "self",
"summary": "SUSE Bug 1224728",
"url": "https://bugzilla.suse.com/1224728"
},
{
"category": "self",
"summary": "SUSE Bug 1224733",
"url": "https://bugzilla.suse.com/1224733"
},
{
"category": "self",
"summary": "SUSE Bug 1224738",
"url": "https://bugzilla.suse.com/1224738"
},
{
"category": "self",
"summary": "SUSE Bug 1224747",
"url": "https://bugzilla.suse.com/1224747"
},
{
"category": "self",
"summary": "SUSE Bug 1224749",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "self",
"summary": "SUSE Bug 1224759",
"url": "https://bugzilla.suse.com/1224759"
},
{
"category": "self",
"summary": "SUSE Bug 1224803",
"url": "https://bugzilla.suse.com/1224803"
},
{
"category": "self",
"summary": "SUSE Bug 1224827",
"url": "https://bugzilla.suse.com/1224827"
},
{
"category": "self",
"summary": "SUSE Bug 1224830",
"url": "https://bugzilla.suse.com/1224830"
},
{
"category": "self",
"summary": "SUSE Bug 1224831",
"url": "https://bugzilla.suse.com/1224831"
},
{
"category": "self",
"summary": "SUSE Bug 1224834",
"url": "https://bugzilla.suse.com/1224834"
},
{
"category": "self",
"summary": "SUSE Bug 1224838",
"url": "https://bugzilla.suse.com/1224838"
},
{
"category": "self",
"summary": "SUSE Bug 1224841",
"url": "https://bugzilla.suse.com/1224841"
},
{
"category": "self",
"summary": "SUSE Bug 1224844",
"url": "https://bugzilla.suse.com/1224844"
},
{
"category": "self",
"summary": "SUSE Bug 1224846",
"url": "https://bugzilla.suse.com/1224846"
},
{
"category": "self",
"summary": "SUSE Bug 1224847",
"url": "https://bugzilla.suse.com/1224847"
},
{
"category": "self",
"summary": "SUSE Bug 1224849",
"url": "https://bugzilla.suse.com/1224849"
},
{
"category": "self",
"summary": "SUSE Bug 1224854",
"url": "https://bugzilla.suse.com/1224854"
},
{
"category": "self",
"summary": "SUSE Bug 1224859",
"url": "https://bugzilla.suse.com/1224859"
},
{
"category": "self",
"summary": "SUSE Bug 1224867",
"url": "https://bugzilla.suse.com/1224867"
},
{
"category": "self",
"summary": "SUSE Bug 1224880",
"url": "https://bugzilla.suse.com/1224880"
},
{
"category": "self",
"summary": "SUSE Bug 1224882",
"url": "https://bugzilla.suse.com/1224882"
},
{
"category": "self",
"summary": "SUSE Bug 1224888",
"url": "https://bugzilla.suse.com/1224888"
},
{
"category": "self",
"summary": "SUSE Bug 1224889",
"url": "https://bugzilla.suse.com/1224889"
},
{
"category": "self",
"summary": "SUSE Bug 1224892",
"url": "https://bugzilla.suse.com/1224892"
},
{
"category": "self",
"summary": "SUSE Bug 1224893",
"url": "https://bugzilla.suse.com/1224893"
},
{
"category": "self",
"summary": "SUSE Bug 1224899",
"url": "https://bugzilla.suse.com/1224899"
},
{
"category": "self",
"summary": "SUSE Bug 1224904",
"url": "https://bugzilla.suse.com/1224904"
},
{
"category": "self",
"summary": "SUSE Bug 1224907",
"url": "https://bugzilla.suse.com/1224907"
},
{
"category": "self",
"summary": "SUSE Bug 1224916",
"url": "https://bugzilla.suse.com/1224916"
},
{
"category": "self",
"summary": "SUSE Bug 1224917",
"url": "https://bugzilla.suse.com/1224917"
},
{
"category": "self",
"summary": "SUSE Bug 1224922",
"url": "https://bugzilla.suse.com/1224922"
},
{
"category": "self",
"summary": "SUSE Bug 1224926",
"url": "https://bugzilla.suse.com/1224926"
},
{
"category": "self",
"summary": "SUSE Bug 1224930",
"url": "https://bugzilla.suse.com/1224930"
},
{
"category": "self",
"summary": "SUSE Bug 1224931",
"url": "https://bugzilla.suse.com/1224931"
},
{
"category": "self",
"summary": "SUSE Bug 1224942",
"url": "https://bugzilla.suse.com/1224942"
},
{
"category": "self",
"summary": "SUSE Bug 1224954",
"url": "https://bugzilla.suse.com/1224954"
},
{
"category": "self",
"summary": "SUSE Bug 1224957",
"url": "https://bugzilla.suse.com/1224957"
},
{
"category": "self",
"summary": "SUSE Bug 1224959",
"url": "https://bugzilla.suse.com/1224959"
},
{
"category": "self",
"summary": "SUSE Bug 1224960",
"url": "https://bugzilla.suse.com/1224960"
},
{
"category": "self",
"summary": "SUSE Bug 1224961",
"url": "https://bugzilla.suse.com/1224961"
},
{
"category": "self",
"summary": "SUSE Bug 1224963",
"url": "https://bugzilla.suse.com/1224963"
},
{
"category": "self",
"summary": "SUSE Bug 1224966",
"url": "https://bugzilla.suse.com/1224966"
},
{
"category": "self",
"summary": "SUSE Bug 1224968",
"url": "https://bugzilla.suse.com/1224968"
},
{
"category": "self",
"summary": "SUSE Bug 1224981",
"url": "https://bugzilla.suse.com/1224981"
},
{
"category": "self",
"summary": "SUSE Bug 1224982",
"url": "https://bugzilla.suse.com/1224982"
},
{
"category": "self",
"summary": "SUSE Bug 1224983",
"url": "https://bugzilla.suse.com/1224983"
},
{
"category": "self",
"summary": "SUSE Bug 1224987",
"url": "https://bugzilla.suse.com/1224987"
},
{
"category": "self",
"summary": "SUSE Bug 1224990",
"url": "https://bugzilla.suse.com/1224990"
},
{
"category": "self",
"summary": "SUSE Bug 1224996",
"url": "https://bugzilla.suse.com/1224996"
},
{
"category": "self",
"summary": "SUSE Bug 1225008",
"url": "https://bugzilla.suse.com/1225008"
},
{
"category": "self",
"summary": "SUSE Bug 1225009",
"url": "https://bugzilla.suse.com/1225009"
},
{
"category": "self",
"summary": "SUSE Bug 1225010",
"url": "https://bugzilla.suse.com/1225010"
},
{
"category": "self",
"summary": "SUSE Bug 1225022",
"url": "https://bugzilla.suse.com/1225022"
},
{
"category": "self",
"summary": "SUSE Bug 1225026",
"url": "https://bugzilla.suse.com/1225026"
},
{
"category": "self",
"summary": "SUSE Bug 1225030",
"url": "https://bugzilla.suse.com/1225030"
},
{
"category": "self",
"summary": "SUSE Bug 1225054",
"url": "https://bugzilla.suse.com/1225054"
},
{
"category": "self",
"summary": "SUSE Bug 1225058",
"url": "https://bugzilla.suse.com/1225058"
},
{
"category": "self",
"summary": "SUSE Bug 1225059",
"url": "https://bugzilla.suse.com/1225059"
},
{
"category": "self",
"summary": "SUSE Bug 1225060",
"url": "https://bugzilla.suse.com/1225060"
},
{
"category": "self",
"summary": "SUSE Bug 1225062",
"url": "https://bugzilla.suse.com/1225062"
},
{
"category": "self",
"summary": "SUSE Bug 1225082",
"url": "https://bugzilla.suse.com/1225082"
},
{
"category": "self",
"summary": "SUSE Bug 1225084",
"url": "https://bugzilla.suse.com/1225084"
},
{
"category": "self",
"summary": "SUSE Bug 1225086",
"url": "https://bugzilla.suse.com/1225086"
},
{
"category": "self",
"summary": "SUSE Bug 1225092",
"url": "https://bugzilla.suse.com/1225092"
},
{
"category": "self",
"summary": "SUSE Bug 1225096",
"url": "https://bugzilla.suse.com/1225096"
},
{
"category": "self",
"summary": "SUSE Bug 1225112",
"url": "https://bugzilla.suse.com/1225112"
},
{
"category": "self",
"summary": "SUSE Bug 1225124",
"url": "https://bugzilla.suse.com/1225124"
},
{
"category": "self",
"summary": "SUSE Bug 1225128",
"url": "https://bugzilla.suse.com/1225128"
},
{
"category": "self",
"summary": "SUSE Bug 1225132",
"url": "https://bugzilla.suse.com/1225132"
},
{
"category": "self",
"summary": "SUSE Bug 1225141",
"url": "https://bugzilla.suse.com/1225141"
},
{
"category": "self",
"summary": "SUSE Bug 1225143",
"url": "https://bugzilla.suse.com/1225143"
},
{
"category": "self",
"summary": "SUSE Bug 1225144",
"url": "https://bugzilla.suse.com/1225144"
},
{
"category": "self",
"summary": "SUSE Bug 1225151",
"url": "https://bugzilla.suse.com/1225151"
},
{
"category": "self",
"summary": "SUSE Bug 1225153",
"url": "https://bugzilla.suse.com/1225153"
},
{
"category": "self",
"summary": "SUSE Bug 1225155",
"url": "https://bugzilla.suse.com/1225155"
},
{
"category": "self",
"summary": "SUSE Bug 1225157",
"url": "https://bugzilla.suse.com/1225157"
},
{
"category": "self",
"summary": "SUSE Bug 1225164",
"url": "https://bugzilla.suse.com/1225164"
},
{
"category": "self",
"summary": "SUSE Bug 1225177",
"url": "https://bugzilla.suse.com/1225177"
},
{
"category": "self",
"summary": "SUSE Bug 1225189",
"url": "https://bugzilla.suse.com/1225189"
},
{
"category": "self",
"summary": "SUSE Bug 1225192",
"url": "https://bugzilla.suse.com/1225192"
},
{
"category": "self",
"summary": "SUSE Bug 1225193",
"url": "https://bugzilla.suse.com/1225193"
},
{
"category": "self",
"summary": "SUSE Bug 1225198",
"url": "https://bugzilla.suse.com/1225198"
},
{
"category": "self",
"summary": "SUSE Bug 1225201",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "self",
"summary": "SUSE Bug 1225207",
"url": "https://bugzilla.suse.com/1225207"
},
{
"category": "self",
"summary": "SUSE Bug 1225208",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "self",
"summary": "SUSE Bug 1225222",
"url": "https://bugzilla.suse.com/1225222"
},
{
"category": "self",
"summary": "SUSE Bug 1225230",
"url": "https://bugzilla.suse.com/1225230"
},
{
"category": "self",
"summary": "SUSE Bug 1225242",
"url": "https://bugzilla.suse.com/1225242"
},
{
"category": "self",
"summary": "SUSE Bug 1225244",
"url": "https://bugzilla.suse.com/1225244"
},
{
"category": "self",
"summary": "SUSE Bug 1225247",
"url": "https://bugzilla.suse.com/1225247"
},
{
"category": "self",
"summary": "SUSE Bug 1225251",
"url": "https://bugzilla.suse.com/1225251"
},
{
"category": "self",
"summary": "SUSE Bug 1225252",
"url": "https://bugzilla.suse.com/1225252"
},
{
"category": "self",
"summary": "SUSE Bug 1225256",
"url": "https://bugzilla.suse.com/1225256"
},
{
"category": "self",
"summary": "SUSE Bug 1225303",
"url": "https://bugzilla.suse.com/1225303"
},
{
"category": "self",
"summary": "SUSE Bug 1225318",
"url": "https://bugzilla.suse.com/1225318"
},
{
"category": "self",
"summary": "SUSE Bug 1225322",
"url": "https://bugzilla.suse.com/1225322"
},
{
"category": "self",
"summary": "SUSE Bug 1225329",
"url": "https://bugzilla.suse.com/1225329"
},
{
"category": "self",
"summary": "SUSE Bug 1225330",
"url": "https://bugzilla.suse.com/1225330"
},
{
"category": "self",
"summary": "SUSE Bug 1225336",
"url": "https://bugzilla.suse.com/1225336"
},
{
"category": "self",
"summary": "SUSE Bug 1225347",
"url": "https://bugzilla.suse.com/1225347"
},
{
"category": "self",
"summary": "SUSE Bug 1225351",
"url": "https://bugzilla.suse.com/1225351"
},
{
"category": "self",
"summary": "SUSE Bug 1225354",
"url": "https://bugzilla.suse.com/1225354"
},
{
"category": "self",
"summary": "SUSE Bug 1225355",
"url": "https://bugzilla.suse.com/1225355"
},
{
"category": "self",
"summary": "SUSE Bug 1225360",
"url": "https://bugzilla.suse.com/1225360"
},
{
"category": "self",
"summary": "SUSE Bug 1225366",
"url": "https://bugzilla.suse.com/1225366"
},
{
"category": "self",
"summary": "SUSE Bug 1225367",
"url": "https://bugzilla.suse.com/1225367"
},
{
"category": "self",
"summary": "SUSE Bug 1225384",
"url": "https://bugzilla.suse.com/1225384"
},
{
"category": "self",
"summary": "SUSE Bug 1225390",
"url": "https://bugzilla.suse.com/1225390"
},
{
"category": "self",
"summary": "SUSE Bug 1225404",
"url": "https://bugzilla.suse.com/1225404"
},
{
"category": "self",
"summary": "SUSE Bug 1225409",
"url": "https://bugzilla.suse.com/1225409"
},
{
"category": "self",
"summary": "SUSE Bug 1225411",
"url": "https://bugzilla.suse.com/1225411"
},
{
"category": "self",
"summary": "SUSE Bug 1225438",
"url": "https://bugzilla.suse.com/1225438"
},
{
"category": "self",
"summary": "SUSE Bug 1225453",
"url": "https://bugzilla.suse.com/1225453"
},
{
"category": "self",
"summary": "SUSE Bug 1225479",
"url": "https://bugzilla.suse.com/1225479"
},
{
"category": "self",
"summary": "SUSE Bug 1225482",
"url": "https://bugzilla.suse.com/1225482"
},
{
"category": "self",
"summary": "SUSE Bug 1225506",
"url": "https://bugzilla.suse.com/1225506"
},
{
"category": "self",
"summary": "SUSE Bug 1225549",
"url": "https://bugzilla.suse.com/1225549"
},
{
"category": "self",
"summary": "SUSE Bug 1225560",
"url": "https://bugzilla.suse.com/1225560"
},
{
"category": "self",
"summary": "SUSE Bug 1225572",
"url": "https://bugzilla.suse.com/1225572"
},
{
"category": "self",
"summary": "SUSE Bug 1225640",
"url": "https://bugzilla.suse.com/1225640"
},
{
"category": "self",
"summary": "SUSE Bug 1225708",
"url": "https://bugzilla.suse.com/1225708"
},
{
"category": "self",
"summary": "SUSE Bug 1225764",
"url": "https://bugzilla.suse.com/1225764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46933 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47074 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47171 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47188 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47206 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47220 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47229 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47231 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47235 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47236 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47237 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47238 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47239 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47245 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47246 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47248 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47249 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47250 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47252 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47254 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47258 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47260 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47261 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47265 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47269 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47274 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47276 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47277 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47280 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47281 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47284 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47285 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47288 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47301 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47302 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47305 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47307 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47308 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47310 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47311 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47314 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47315 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47319 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47320 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47321 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47323 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47324 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47330 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47330/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47334 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47334/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47337 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47344 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47345 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47347 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47352 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47353 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47355 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47356 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47357 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47361 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47362 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47369 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47378 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47382 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47382/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47383 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47391 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47397 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47400 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47401 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47404 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47409 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47416 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47423 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47423/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47424 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47431 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47435 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47436 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47456 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47458 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47460 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47469 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47472 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47473 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47478 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47480 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47483 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47485 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47495 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47496 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47497 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47500 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47506 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47509 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47511 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47523 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47541 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47548 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47565 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48686 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48697 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48704 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48708 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48710 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1829 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-42755 page",
"url": "https://www.suse.com/security/cve/CVE-2023-42755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47233 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52527 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52586 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52655 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52664 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52685 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52686 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52691 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52696 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52698 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52703 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52730 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52732 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52741 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52742 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52747 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52759 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52774 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52781 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52796 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52803 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52821 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52875 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52880 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26625 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26752 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26846 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26874 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26920 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27396 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27401 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27419 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27436 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35809 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35811 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35830 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35849 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35877 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35887 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36954/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-06-11T07:41:39Z",
"generator": {
"date": "2024-06-11T07:41:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1979-1",
"initial_release_date": "2024-06-11T07:41:39Z",
"revision_history": [
{
"date": "2024-06-11T07:41:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.188.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.188.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.188.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.188.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.188.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.188.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.188.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.188.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.188.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.188.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.188.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.188.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.188.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.188.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.188.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.188.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.188.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.188.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.188.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.188.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.188.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.188.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.188.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.188.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.188.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.188.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.188.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.188.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.188.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.188.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.188.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.188.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.188.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.188.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.188.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.188.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.188.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.188.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.188.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.188.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.188.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.\n\nffs_data_clear is indirectly called from both ffs_fs_kill_sb and\nffs_ep0_release, so it ends up being called twice when userland closes ep0\nand then unmounts f_fs.\nIf userland provided an eventfd along with function\u0027s USB descriptors, it\nends up calling eventfd_ctx_put as many times, causing a refcount\nunderflow.\nNULL-ify ffs_eventfd to prevent these extraneous eventfd_ctx_put calls.\n\nAlso, set epfiles to NULL right after de-allocating it, for readability.\n\nFor completeness, ffs_data_clear actually ends up being called thrice, the\nlast call being before the whole ffs structure gets freed, so when this\nspecific sequence happens there is a second underflow happening (but not\nbeing reported):\n\n/sys/kernel/debug/tracing# modprobe usb_f_fs\n/sys/kernel/debug/tracing# echo ffs_data_clear \u003e set_ftrace_filter\n/sys/kernel/debug/tracing# echo function \u003e current_tracer\n/sys/kernel/debug/tracing# echo 1 \u003e tracing_on\n(setup gadget, run and kill function userland process, teardown gadget)\n/sys/kernel/debug/tracing# echo 0 \u003e tracing_on\n/sys/kernel/debug/tracing# cat trace\n smartcard-openp-436 [000] ..... 1946.208786: ffs_data_clear \u003c-ffs_data_closed\n smartcard-openp-431 [000] ..... 1946.279147: ffs_data_clear \u003c-ffs_data_closed\n smartcard-openp-431 [000] .n... 1946.905512: ffs_data_clear \u003c-ffs_data_put\n\nWarning output corresponding to above trace:\n[ 1946.284139] WARNING: CPU: 0 PID: 431 at lib/refcount.c:28 refcount_warn_saturate+0x110/0x15c\n[ 1946.293094] refcount_t: underflow; use-after-free.\n[ 1946.298164] Modules linked in: usb_f_ncm(E) u_ether(E) usb_f_fs(E) hci_uart(E) btqca(E) btrtl(E) btbcm(E) btintel(E) bluetooth(E) nls_ascii(E) nls_cp437(E) vfat(E) fat(E) bcm2835_v4l2(CE) bcm2835_mmal_vchiq(CE) videobuf2_vmalloc(E) videobuf2_memops(E) sha512_generic(E) videobuf2_v4l2(E) sha512_arm(E) videobuf2_common(E) videodev(E) cpufreq_dt(E) snd_bcm2835(CE) brcmfmac(E) mc(E) vc4(E) ctr(E) brcmutil(E) snd_soc_core(E) snd_pcm_dmaengine(E) drbg(E) snd_pcm(E) snd_timer(E) snd(E) soundcore(E) drm_kms_helper(E) cec(E) ansi_cprng(E) rc_core(E) syscopyarea(E) raspberrypi_cpufreq(E) sysfillrect(E) sysimgblt(E) cfg80211(E) max17040_battery(OE) raspberrypi_hwmon(E) fb_sys_fops(E) regmap_i2c(E) ecdh_generic(E) rfkill(E) ecc(E) bcm2835_rng(E) rng_core(E) vchiq(CE) leds_gpio(E) libcomposite(E) fuse(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) sdhci_iproc(E) sdhci_pltfm(E) sdhci(E)\n[ 1946.399633] CPU: 0 PID: 431 Comm: smartcard-openp Tainted: G C OE 5.15.0-1-rpi #1 Debian 5.15.3-1\n[ 1946.417950] Hardware name: BCM2835\n[ 1946.425442] Backtrace:\n[ 1946.432048] [\u003cc08d60a0\u003e] (dump_backtrace) from [\u003cc08d62ec\u003e] (show_stack+0x20/0x24)\n[ 1946.448226] r7:00000009 r6:0000001c r5:c04a948c r4:c0a64e2c\n[ 1946.458412] [\u003cc08d62cc\u003e] (show_stack) from [\u003cc08d9ae0\u003e] (dump_stack+0x28/0x30)\n[ 1946.470380] [\u003cc08d9ab8\u003e] (dump_stack) from [\u003cc0123500\u003e] (__warn+0xe8/0x154)\n[ 1946.482067] r5:c04a948c r4:c0a71dc8\n[ 1946.490184] [\u003cc0123418\u003e] (__warn) from [\u003cc08d6948\u003e] (warn_slowpath_fmt+0xa0/0xe4)\n[ 1946.506758] r7:00000009 r6:0000001c r5:c0a71dc8 r4:c0a71e04\n[ 1946.517070] [\u003cc08d68ac\u003e] (warn_slowpath_fmt) from [\u003cc04a948c\u003e] (refcount_warn_saturate+0x110/0x15c)\n[ 1946.535309] r8:c0100224 r7:c0dfcb84 r6:ffffffff r5:c3b84c00 r4:c24a17c0\n[ 1946.546708] [\u003cc04a937c\u003e] (refcount_warn_saturate) from [\u003cc0380134\u003e] (eventfd_ctx_put+0x48/0x74)\n[ 1946.564476] [\u003cc03800ec\u003e] (eventfd_ctx_put) from [\u003cbf5464e8\u003e] (ffs_data_clear+0xd0/0x118 [usb_f_fs])\n[ 1946.582664] r5:c3b84c00 r4:c2695b00\n[ 1946.590668] [\u003cbf546418\u003e] (ffs_data_clear [usb_f_fs]) from [\u003cbf547cc0\u003e] (ffs_data_closed+0x9c/0x150 [usb_f_fs])\n[ 1946.609608] r5:bf54d014 r4:c2695b00\n[ 1946.617522] [\u003cbf547c24\u003e] (ffs_data_closed [usb_f_fs]) from [\u003cbf547da0\u003e] (ffs_fs_kill_sb+0x2c/0x30 [usb_f_fs])\n[ 1946.636217] r7:c0dfcb\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46933",
"url": "https://www.suse.com/security/cve/CVE-2021-46933"
},
{
"category": "external",
"summary": "SUSE Bug 1220487 for CVE-2021-46933",
"url": "https://bugzilla.suse.com/1220487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-46933"
},
{
"cve": "CVE-2021-47074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-loop: fix memory leak in nvme_loop_create_ctrl()\n\nWhen creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl()\nfails, the loop ctrl should be freed before jumping to the \"out\" label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47074",
"url": "https://www.suse.com/security/cve/CVE-2021-47074"
},
{
"category": "external",
"summary": "SUSE Bug 1220854 for CVE-2021-47074",
"url": "https://bugzilla.suse.com/1220854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47074"
},
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47171",
"url": "https://www.suse.com/security/cve/CVE-2021-47171"
},
{
"category": "external",
"summary": "SUSE Bug 1221994 for CVE-2021-47171",
"url": "https://bugzilla.suse.com/1221994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Improve SCSI abort handling\n\nThe following has been observed on a test setup:\n\nWARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c\nCall trace:\n ufshcd_queuecommand+0x468/0x65c\n scsi_send_eh_cmnd+0x224/0x6a0\n scsi_eh_test_devices+0x248/0x418\n scsi_eh_ready_devs+0xc34/0xe58\n scsi_error_handler+0x204/0x80c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nThat warning is triggered by the following statement:\n\n\tWARN_ON(lrbp-\u003ecmd);\n\nFix this warning by clearing lrbp-\u003ecmd from the abort handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47188",
"url": "https://www.suse.com/security/cve/CVE-2021-47188"
},
{
"category": "external",
"summary": "SUSE Bug 1222671 for CVE-2021-47188",
"url": "https://bugzilla.suse.com/1222671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: ohci-tmio: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47206",
"url": "https://www.suse.com/security/cve/CVE-2021-47206"
},
{
"category": "external",
"summary": "SUSE Bug 1222894 for CVE-2021-47206",
"url": "https://bugzilla.suse.com/1222894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47206"
},
{
"cve": "CVE-2021-47220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47220"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47220",
"url": "https://www.suse.com/security/cve/CVE-2021-47220"
},
{
"category": "external",
"summary": "SUSE Bug 1224859 for CVE-2021-47220",
"url": "https://bugzilla.suse.com/1224859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47220"
},
{
"cve": "CVE-2021-47229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: aardvark: Fix kernel panic during PIO transfer\n\nTrying to start a new PIO transfer by writing value 0 in PIO_START register\nwhen previous transfer has not yet completed (which is indicated by value 1\nin PIO_START) causes an External Abort on CPU, which results in kernel\npanic:\n\n SError Interrupt on CPU0, code 0xbf000002 -- SError\n Kernel panic - not syncing: Asynchronous SError Interrupt\n\nTo prevent kernel panic, it is required to reject a new PIO transfer when\nprevious one has not finished yet.\n\nIf previous PIO transfer is not finished yet, the kernel may issue a new\nPIO request only if the previous PIO transfer timed out.\n\nIn the past the root cause of this issue was incorrectly identified (as it\noften happens during link retraining or after link down event) and special\nhack was implemented in Trusted Firmware to catch all SError events in EL3,\nto ignore errors with code 0xbf000002 and not forwarding any other errors\nto kernel and instead throw panic from EL3 Trusted Firmware handler.\n\nLinks to discussion and patches about this issue:\nhttps://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=3c7dcdac5c50\nhttps://lore.kernel.org/linux-pci/20190316161243.29517-1-repk@triplefau.lt/\nhttps://lore.kernel.org/linux-pci/971be151d24312cc533989a64bd454b4@www.loen.fr/\nhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/1541\n\nBut the real cause was the fact that during link retraining or after link\ndown event the PIO transfer may take longer time, up to the 1.44s until it\ntimes out. This increased probability that a new PIO transfer would be\nissued by kernel while previous one has not finished yet.\n\nAfter applying this change into the kernel, it is possible to revert the\nmentioned TF-A hack and SError events do not have to be caught in TF-A EL3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47229",
"url": "https://www.suse.com/security/cve/CVE-2021-47229"
},
{
"category": "external",
"summary": "SUSE Bug 1224854 for CVE-2021-47229",
"url": "https://bugzilla.suse.com/1224854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47229"
},
{
"cve": "CVE-2021-47231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcba_usb: fix memory leak in mcba_usb\n\nSyzbot reported memory leak in SocketCAN driver for Microchip CAN BUS\nAnalyzer Tool. The problem was in unfreed usb_coherent.\n\nIn mcba_usb_start() 20 coherent buffers are allocated and there is\nnothing, that frees them:\n\n1) In callback function the urb is resubmitted and that\u0027s all\n2) In disconnect function urbs are simply killed, but URB_FREE_BUFFER\n is not set (see mcba_usb_start) and this flag cannot be used with\n coherent buffers.\n\nFail log:\n| [ 1354.053291][ T8413] mcba_usb 1-1:0.0 can0: device disconnected\n| [ 1367.059384][ T8420] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmem)\n\nSo, all allocated buffers should be freed with usb_free_coherent()\nexplicitly\n\nNOTE:\nThe same pattern for allocating and freeing coherent buffers\nis used in drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47231",
"url": "https://www.suse.com/security/cve/CVE-2021-47231"
},
{
"category": "external",
"summary": "SUSE Bug 1224849 for CVE-2021-47231",
"url": "https://bugzilla.suse.com/1224849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47231"
},
{
"cve": "CVE-2021-47235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47235"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: fix potential use-after-free in ec_bhf_remove\n\nstatic void ec_bhf_remove(struct pci_dev *dev)\n{\n...\n\tstruct ec_bhf_priv *priv = netdev_priv(net_dev);\n\n\tunregister_netdev(net_dev);\n\tfree_netdev(net_dev);\n\n\tpci_iounmap(dev, priv-\u003edma_io);\n\tpci_iounmap(dev, priv-\u003eio);\n...\n}\n\npriv is netdev private data, but it is used\nafter free_netdev(). It can cause use-after-free when accessing priv\npointer. So, fix it by moving free_netdev() after pci_iounmap()\ncalls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47235",
"url": "https://www.suse.com/security/cve/CVE-2021-47235"
},
{
"category": "external",
"summary": "SUSE Bug 1224844 for CVE-2021-47235",
"url": "https://bugzilla.suse.com/1224844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47235"
},
{
"cve": "CVE-2021-47236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47236"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: cdc_eem: fix tx fixup skb leak\n\nwhen usbnet transmit a skb, eem fixup it in eem_tx_fixup(),\nif skb_copy_expand() failed, it return NULL,\nusbnet_start_xmit() will have no chance to free original skb.\n\nfix it by free orginal skb in eem_tx_fixup() first,\nthen check skb clone status, if failed, return NULL to usbnet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47236",
"url": "https://www.suse.com/security/cve/CVE-2021-47236"
},
{
"category": "external",
"summary": "SUSE Bug 1224841 for CVE-2021-47236",
"url": "https://bugzilla.suse.com/1224841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47236"
},
{
"cve": "CVE-2021-47237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hamradio: fix memory leak in mkiss_close\n\nMy local syzbot instance hit memory leak in\nmkiss_open()[1]. The problem was in missing\nfree_netdev() in mkiss_close().\n\nIn mkiss_open() netdevice is allocated and then\nregistered, but in mkiss_close() netdevice was\nonly unregistered, but not freed.\n\nFail log:\n\nBUG: memory leak\nunreferenced object 0xffff8880281ba000 (size 4096):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 61 78 30 00 00 00 00 00 00 00 00 00 00 00 00 00 ax0.............\n 00 27 fa 2a 80 88 ff ff 00 00 00 00 00 00 00 00 .\u0027.*............\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706e7e8\u003e] alloc_netdev_mqs+0x98/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff8880141a9a00 (size 96):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n e8 a2 1b 28 80 88 ff ff e8 a2 1b 28 80 88 ff ff ...(.......(....\n 98 92 9c aa b0 40 02 00 00 00 00 00 00 00 00 00 .....@..........\n backtrace:\n [\u003cffffffff8709f68b\u003e] __hw_addr_create_ex+0x5b/0x310\n [\u003cffffffff8709fb38\u003e] __hw_addr_add_ex+0x1f8/0x2b0\n [\u003cffffffff870a0c7b\u003e] dev_addr_init+0x10b/0x1f0\n [\u003cffffffff8706e88b\u003e] alloc_netdev_mqs+0x13b/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff8880219bfc00 (size 512):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 00 a0 1b 28 80 88 ff ff 80 8f b1 8d ff ff ff ff ...(............\n 80 8f b1 8d ff ff ff ff 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706eec7\u003e] alloc_netdev_mqs+0x777/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff888029b2b200 (size 256):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706f062\u003e] alloc_netdev_mqs+0x912/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47237",
"url": "https://www.suse.com/security/cve/CVE-2021-47237"
},
{
"category": "external",
"summary": "SUSE Bug 1224830 for CVE-2021-47237",
"url": "https://bugzilla.suse.com/1224830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47237"
},
{
"cve": "CVE-2021-47238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in ip_mc_add1_src\n\nBUG: memory leak\nunreferenced object 0xffff888101bc4c00 (size 32):\n comm \"syz-executor527\", pid 360, jiffies 4294807421 (age 19.329s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 01 00 00 00 00 00 00 00 ac 14 14 bb 00 00 02 00 ................\n backtrace:\n [\u003c00000000f17c5244\u003e] kmalloc include/linux/slab.h:558 [inline]\n [\u003c00000000f17c5244\u003e] kzalloc include/linux/slab.h:688 [inline]\n [\u003c00000000f17c5244\u003e] ip_mc_add1_src net/ipv4/igmp.c:1971 [inline]\n [\u003c00000000f17c5244\u003e] ip_mc_add_src+0x95f/0xdb0 net/ipv4/igmp.c:2095\n [\u003c000000001cb99709\u003e] ip_mc_source+0x84c/0xea0 net/ipv4/igmp.c:2416\n [\u003c0000000052cf19ed\u003e] do_ip_setsockopt net/ipv4/ip_sockglue.c:1294 [inline]\n [\u003c0000000052cf19ed\u003e] ip_setsockopt+0x114b/0x30c0 net/ipv4/ip_sockglue.c:1423\n [\u003c00000000477edfbc\u003e] raw_setsockopt+0x13d/0x170 net/ipv4/raw.c:857\n [\u003c00000000e75ca9bb\u003e] __sys_setsockopt+0x158/0x270 net/socket.c:2117\n [\u003c00000000bdb993a8\u003e] __do_sys_setsockopt net/socket.c:2128 [inline]\n [\u003c00000000bdb993a8\u003e] __se_sys_setsockopt net/socket.c:2125 [inline]\n [\u003c00000000bdb993a8\u003e] __x64_sys_setsockopt+0xba/0x150 net/socket.c:2125\n [\u003c000000006a1ffdbd\u003e] do_syscall_64+0x40/0x80 arch/x86/entry/common.c:47\n [\u003c00000000b11467c4\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nIn commit 24803f38a5c0 (\"igmp: do not remove igmp souce list info when set\nlink down\"), the ip_mc_clear_src() in ip_mc_destroy_dev() was removed,\nbecause it was also called in igmpv3_clear_delrec().\n\nRough callgraph:\n\ninetdev_destroy\n-\u003e ip_mc_destroy_dev\n -\u003e igmpv3_clear_delrec\n -\u003e ip_mc_clear_src\n-\u003e RCU_INIT_POINTER(dev-\u003eip_ptr, NULL)\n\nHowever, ip_mc_clear_src() called in igmpv3_clear_delrec() doesn\u0027t\nrelease in_dev-\u003emc_list-\u003esources. And RCU_INIT_POINTER() assigns the\nNULL to dev-\u003eip_ptr. As a result, in_dev cannot be obtained through\ninetdev_by_index() and then in_dev-\u003emc_list-\u003esources cannot be released\nby ip_mc_del1_src() in the sock_close. Rough call sequence goes like:\n\nsock_close\n-\u003e __sock_release\n -\u003e inet_release\n -\u003e ip_mc_drop_socket\n -\u003e inetdev_by_index\n -\u003e ip_mc_leave_src\n -\u003e ip_mc_del_src\n -\u003e ip_mc_del1_src\n\nSo we still need to call ip_mc_clear_src() in ip_mc_destroy_dev() to free\nin_dev-\u003emc_list-\u003esources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47238",
"url": "https://www.suse.com/security/cve/CVE-2021-47238"
},
{
"category": "external",
"summary": "SUSE Bug 1224847 for CVE-2021-47238",
"url": "https://bugzilla.suse.com/1224847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47238"
},
{
"cve": "CVE-2021-47239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix possible use-after-free in smsc75xx_bind\n\nThe commit 46a8b29c6306 (\"net: usb: fix memory leak in smsc75xx_bind\")\nfails to clean up the work scheduled in smsc75xx_reset-\u003e\nsmsc75xx_set_multicast, which leads to use-after-free if the work is\nscheduled to start after the deallocation. In addition, this patch\nalso removes a dangling pointer - dev-\u003edata[0].\n\nThis patch calls cancel_work_sync to cancel the scheduled work and set\nthe dangling pointer to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47239",
"url": "https://www.suse.com/security/cve/CVE-2021-47239"
},
{
"category": "external",
"summary": "SUSE Bug 1224846 for CVE-2021-47239",
"url": "https://bugzilla.suse.com/1224846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47239"
},
{
"cve": "CVE-2021-47245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: synproxy: Fix out of bounds when parsing TCP options\n\nThe TCP option parser in synproxy (synproxy_parse_options) could read\none byte out of bounds. When the length is 1, the execution flow gets\ninto the loop, reads one byte of the opcode, and if the opcode is\nneither TCPOPT_EOL nor TCPOPT_NOP, it reads one more byte, which exceeds\nthe length of 1.\n\nThis fix is inspired by commit 9609dad263f8 (\"ipv4: tcp_input: fix stack\nout of bounds when parsing TCP options.\").\n\nv2 changes:\n\nAdded an early return when length \u003c 0 to avoid calling\nskb_header_pointer with negative length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47245",
"url": "https://www.suse.com/security/cve/CVE-2021-47245"
},
{
"category": "external",
"summary": "SUSE Bug 1224838 for CVE-2021-47245",
"url": "https://bugzilla.suse.com/1224838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47245"
},
{
"cve": "CVE-2021-47246",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47246"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix page reclaim for dead peer hairpin\n\nWhen adding a hairpin flow, a firmware-side send queue is created for\nthe peer net device, which claims some host memory pages for its\ninternal ring buffer. If the peer net device is removed/unbound before\nthe hairpin flow is deleted, then the send queue is not destroyed which\nleads to a stack trace on pci device remove:\n\n[ 748.005230] mlx5_core 0000:08:00.2: wait_func:1094:(pid 12985): MANAGE_PAGES(0x108) timeout. Will cause a leak of a command resource\n[ 748.005231] mlx5_core 0000:08:00.2: reclaim_pages:514:(pid 12985): failed reclaiming pages: err -110\n[ 748.001835] mlx5_core 0000:08:00.2: mlx5_reclaim_root_pages:653:(pid 12985): failed reclaiming pages (-110) for func id 0x0\n[ 748.002171] ------------[ cut here ]------------\n[ 748.001177] FW pages counter is 4 after reclaiming all pages\n[ 748.001186] WARNING: CPU: 1 PID: 12985 at drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c:685 mlx5_reclaim_startup_pages+0x34b/0x460 [mlx5_core] [ +0.002771] Modules linked in: cls_flower mlx5_ib mlx5_core ptp pps_core act_mirred sch_ingress openvswitch nsh xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_umad ib_ipoib iw_cm ib_cm ib_uverbs ib_core overlay fuse [last unloaded: pps_core]\n[ 748.007225] CPU: 1 PID: 12985 Comm: tee Not tainted 5.12.0+ #1\n[ 748.001376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 748.002315] RIP: 0010:mlx5_reclaim_startup_pages+0x34b/0x460 [mlx5_core]\n[ 748.001679] Code: 28 00 00 00 0f 85 22 01 00 00 48 81 c4 b0 00 00 00 31 c0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 48 c7 c7 40 cc 19 a1 e8 9f 71 0e e2 \u003c0f\u003e 0b e9 30 ff ff ff 48 c7 c7 a0 cc 19 a1 e8 8c 71 0e e2 0f 0b e9\n[ 748.003781] RSP: 0018:ffff88815220faf8 EFLAGS: 00010286\n[ 748.001149] RAX: 0000000000000000 RBX: ffff8881b4900280 RCX: 0000000000000000\n[ 748.001445] RDX: 0000000000000027 RSI: 0000000000000004 RDI: ffffed102a441f51\n[ 748.001614] RBP: 00000000000032b9 R08: 0000000000000001 R09: ffffed1054a15ee8\n[ 748.001446] R10: ffff8882a50af73b R11: ffffed1054a15ee7 R12: fffffbfff07c1e30\n[ 748.001447] R13: dffffc0000000000 R14: ffff8881b492cba8 R15: 0000000000000000\n[ 748.001429] FS: 00007f58bd08b580(0000) GS:ffff8882a5080000(0000) knlGS:0000000000000000\n[ 748.001695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 748.001309] CR2: 000055a026351740 CR3: 00000001d3b48006 CR4: 0000000000370ea0\n[ 748.001506] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 748.001483] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 748.001654] Call Trace:\n[ 748.000576] ? mlx5_satisfy_startup_pages+0x290/0x290 [mlx5_core]\n[ 748.001416] ? mlx5_cmd_teardown_hca+0xa2/0xd0 [mlx5_core]\n[ 748.001354] ? mlx5_cmd_init_hca+0x280/0x280 [mlx5_core]\n[ 748.001203] mlx5_function_teardown+0x30/0x60 [mlx5_core]\n[ 748.001275] mlx5_uninit_one+0xa7/0xc0 [mlx5_core]\n[ 748.001200] remove_one+0x5f/0xc0 [mlx5_core]\n[ 748.001075] pci_device_remove+0x9f/0x1d0\n[ 748.000833] device_release_driver_internal+0x1e0/0x490\n[ 748.001207] unbind_store+0x19f/0x200\n[ 748.000942] ? sysfs_file_ops+0x170/0x170\n[ 748.001000] kernfs_fop_write_iter+0x2bc/0x450\n[ 748.000970] new_sync_write+0x373/0x610\n[ 748.001124] ? new_sync_read+0x600/0x600\n[ 748.001057] ? lock_acquire+0x4d6/0x700\n[ 748.000908] ? lockdep_hardirqs_on_prepare+0x400/0x400\n[ 748.001126] ? fd_install+0x1c9/0x4d0\n[ 748.000951] vfs_write+0x4d0/0x800\n[ 748.000804] ksys_write+0xf9/0x1d0\n[ 748.000868] ? __x64_sys_read+0xb0/0xb0\n[ 748.000811] ? filp_open+0x50/0x50\n[ 748.000919] ? syscall_enter_from_user_mode+0x1d/0x50\n[ 748.001223] do_syscall_64+0x3f/0x80\n[ 748.000892] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 748.00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47246",
"url": "https://www.suse.com/security/cve/CVE-2021-47246"
},
{
"category": "external",
"summary": "SUSE Bug 1224831 for CVE-2021-47246",
"url": "https://bugzilla.suse.com/1224831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47246"
},
{
"cve": "CVE-2021-47248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: fix race between close() and udp_abort()\n\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\n\nWe can\u0027t easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\n\nDiagnosed-and-tested-by: Kaustubh Pandey \u003ckapandey@codeaurora.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47248",
"url": "https://www.suse.com/security/cve/CVE-2021-47248"
},
{
"category": "external",
"summary": "SUSE Bug 1224867 for CVE-2021-47248",
"url": "https://bugzilla.suse.com/1224867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47248"
},
{
"cve": "CVE-2021-47249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rds: fix memory leak in rds_recvmsg\n\nSyzbot reported memory leak in rds. The problem\nwas in unputted refcount in case of error.\n\nint rds_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,\n\t\tint msg_flags)\n{\n...\n\n\tif (!rds_next_incoming(rs, \u0026inc)) {\n\t\t...\n\t}\n\nAfter this \"if\" inc refcount incremented and\n\n\tif (rds_cmsg_recv(inc, msg, rs)) {\n\t\tret = -EFAULT;\n\t\tgoto out;\n\t}\n...\nout:\n\treturn ret;\n}\n\nin case of rds_cmsg_recv() fail the refcount won\u0027t be\ndecremented. And it\u0027s easy to see from ftrace log, that\nrds_inc_addref() don\u0027t have rds_inc_put() pair in\nrds_recvmsg() after rds_cmsg_recv()\n\n 1) | rds_recvmsg() {\n 1) 3.721 us | rds_inc_addref();\n 1) 3.853 us | rds_message_inc_copy_to_user();\n 1) + 10.395 us | rds_cmsg_recv();\n 1) + 34.260 us | }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47249",
"url": "https://www.suse.com/security/cve/CVE-2021-47249"
},
{
"category": "external",
"summary": "SUSE Bug 1224880 for CVE-2021-47249",
"url": "https://bugzilla.suse.com/1224880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47249"
},
{
"cve": "CVE-2021-47250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47250"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\n\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[\u003c00000000e67ed558\u003e] kmalloc include/linux/slab.h:590 [inline]\n[\u003c00000000e67ed558\u003e] kzalloc include/linux/slab.h:720 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[\u003c0000000006040154\u003e] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[\u003c00000000204d7a1c\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[\u003c00000000204d7a1c\u003e] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[\u003c00000000c0d6a995\u003e] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[\u003c00000000d78b9d2c\u003e] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[\u003c000000009733081b\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[\u003c000000009733081b\u003e] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[\u003c00000000d5fd43b8\u003e] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[\u003c000000000a2d1e40\u003e] sock_sendmsg_nosec net/socket.c:654 [inline]\n[\u003c000000000a2d1e40\u003e] sock_sendmsg+0x139/0x170 net/socket.c:674\n[\u003c00000000321d1969\u003e] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[\u003c00000000964e16bc\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[\u003c000000001615e288\u003e] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[\u003c000000004ee8b6a5\u003e] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[\u003c00000000171c7cee\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe memory of doi_def-\u003emap.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47250",
"url": "https://www.suse.com/security/cve/CVE-2021-47250"
},
{
"category": "external",
"summary": "SUSE Bug 1224827 for CVE-2021-47250",
"url": "https://bugzilla.suse.com/1224827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47250"
},
{
"cve": "CVE-2021-47252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Avoid WARN_ON timing related checks\n\nThe soft/batadv interface for a queued OGM can be changed during the time\nthe OGM was queued for transmission and when the OGM is actually\ntransmitted by the worker.\n\nBut WARN_ON must be used to denote kernel bugs and not to print simple\nwarnings. A warning can simply be printed using pr_warn.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47252",
"url": "https://www.suse.com/security/cve/CVE-2021-47252"
},
{
"category": "external",
"summary": "SUSE Bug 1224882 for CVE-2021-47252",
"url": "https://bugzilla.suse.com/1224882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47252"
},
{
"cve": "CVE-2021-47254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47254"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix use-after-free in gfs2_glock_shrink_scan\n\nThe GLF_LRU flag is checked under lru_lock in gfs2_glock_remove_from_lru() to\nremove the glock from the lru list in __gfs2_glock_put().\n\nOn the shrink scan path, the same flag is cleared under lru_lock but because\nof cond_resched_lock(\u0026lru_lock) in gfs2_dispose_glock_lru(), progress on the\nput side can be made without deleting the glock from the lru list.\n\nKeep GLF_LRU across the race window opened by cond_resched_lock(\u0026lru_lock) to\nensure correct behavior on both sides - clear GLF_LRU after list_del under\nlru_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47254",
"url": "https://www.suse.com/security/cve/CVE-2021-47254"
},
{
"category": "external",
"summary": "SUSE Bug 1224888 for CVE-2021-47254",
"url": "https://bugzilla.suse.com/1224888"
},
{
"category": "external",
"summary": "SUSE Bug 1227559 for CVE-2021-47254",
"url": "https://bugzilla.suse.com/1227559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47254"
},
{
"cve": "CVE-2021-47258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix error handling of scsi_host_alloc()\n\nAfter device is initialized via device_initialize(), or its name is set via\ndev_set_name(), the device has to be freed via put_device(). Otherwise\ndevice name will be leaked because it is allocated dynamically in\ndev_set_name().\n\nFix the leak by replacing kfree() with put_device(). Since\nscsi_host_dev_release() properly handles IDA and kthread removal, remove\nspecial-casing these from the error handling as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47258",
"url": "https://www.suse.com/security/cve/CVE-2021-47258"
},
{
"category": "external",
"summary": "SUSE Bug 1224899 for CVE-2021-47258",
"url": "https://bugzilla.suse.com/1224899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47258"
},
{
"cve": "CVE-2021-47260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47260"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a potential NULL dereference in nfs_get_client()\n\nNone of the callers are expecting NULL returns from nfs_get_client() so\nthis code will lead to an Oops. It\u0027s better to return an error\npointer. I expect that this is dead code so hopefully no one is\naffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47260",
"url": "https://www.suse.com/security/cve/CVE-2021-47260"
},
{
"category": "external",
"summary": "SUSE Bug 1224834 for CVE-2021-47260",
"url": "https://bugzilla.suse.com/1224834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47260"
},
{
"cve": "CVE-2021-47261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix initializing CQ fragments buffer\n\nThe function init_cq_frag_buf() can be called to initialize the current CQ\nfragments buffer cq-\u003ebuf, or the temporary cq-\u003eresize_buf that is filled\nduring CQ resize operation.\n\nHowever, the offending commit started to use function get_cqe() for\ngetting the CQEs, the issue with this change is that get_cqe() always\nreturns CQEs from cq-\u003ebuf, which leads us to initialize the wrong buffer,\nand in case of enlarging the CQ we try to access elements beyond the size\nof the current cq-\u003ebuf and eventually hit a kernel panic.\n\n [exception RIP: init_cq_frag_buf+103]\n [ffff9f799ddcbcd8] mlx5_ib_resize_cq at ffffffffc0835d60 [mlx5_ib]\n [ffff9f799ddcbdb0] ib_resize_cq at ffffffffc05270df [ib_core]\n [ffff9f799ddcbdc0] llt_rdma_setup_qp at ffffffffc0a6a712 [llt]\n [ffff9f799ddcbe10] llt_rdma_cc_event_action at ffffffffc0a6b411 [llt]\n [ffff9f799ddcbe98] llt_rdma_client_conn_thread at ffffffffc0a6bb75 [llt]\n [ffff9f799ddcbec8] kthread at ffffffffa66c5da1\n [ffff9f799ddcbf50] ret_from_fork_nospec_begin at ffffffffa6d95ddd\n\nFix it by getting the needed CQE by calling mlx5_frag_buf_get_wqe() that\ntakes the correct source buffer as a parameter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47261",
"url": "https://www.suse.com/security/cve/CVE-2021-47261"
},
{
"category": "external",
"summary": "SUSE Bug 1224954 for CVE-2021-47261",
"url": "https://bugzilla.suse.com/1224954"
},
{
"category": "external",
"summary": "SUSE Bug 1227751 for CVE-2021-47261",
"url": "https://bugzilla.suse.com/1227751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47261"
},
{
"cve": "CVE-2021-47265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47265"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: Verify port when creating flow rule\n\nValidate port value provided by the user and with that remove no longer\nneeded validation by the driver. The missing check in the mlx5_ib driver\ncould cause to the below oops.\n\nCall trace:\n _create_flow_rule+0x2d4/0xf28 [mlx5_ib]\n mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib]\n ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x150 [ib_uverbs]\n ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs]\n ib_uverbs_ioctl+0x158/0x1d0 [ib_uverbs]\n do_vfs_ioctl+0xd0/0xaf0\n ksys_ioctl+0x84/0xb4\n __arm64_sys_ioctl+0x28/0xc4\n el0_svc_common.constprop.3+0xa4/0x254\n el0_svc_handler+0x84/0xa0\n el0_svc+0x10/0x26c\n Code: b9401260 f9615681 51000400 8b001c20 (f9403c1a)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47265",
"url": "https://www.suse.com/security/cve/CVE-2021-47265"
},
{
"category": "external",
"summary": "SUSE Bug 1224957 for CVE-2021-47265",
"url": "https://bugzilla.suse.com/1224957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47265"
},
{
"cve": "CVE-2021-47269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47269"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: ep0: fix NULL pointer exception\n\nThere is no validation of the index from dwc3_wIndex_to_dep() and we might\nbe referring a non-existing ep and trigger a NULL pointer exception. In\ncertain configurations we might use fewer eps and the index might wrongly\nindicate a larger ep index than existing.\n\nBy adding this validation from the patch we can actually report a wrong\nindex back to the caller.\n\nIn our usecase we are using a composite device on an older kernel, but\nupstream might use this fix also. Unfortunately, I cannot describe the\nhardware for others to reproduce the issue as it is a proprietary\nimplementation.\n\n[ 82.958261] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a4\n[ 82.966891] Mem abort info:\n[ 82.969663] ESR = 0x96000006\n[ 82.972703] Exception class = DABT (current EL), IL = 32 bits\n[ 82.978603] SET = 0, FnV = 0\n[ 82.981642] EA = 0, S1PTW = 0\n[ 82.984765] Data abort info:\n[ 82.987631] ISV = 0, ISS = 0x00000006\n[ 82.991449] CM = 0, WnR = 0\n[ 82.994409] user pgtable: 4k pages, 39-bit VAs, pgdp = 00000000c6210ccc\n[ 83.000999] [00000000000000a4] pgd=0000000053aa5003, pud=0000000053aa5003, pmd=0000000000000000\n[ 83.009685] Internal error: Oops: 96000006 [#1] PREEMPT SMP\n[ 83.026433] Process irq/62-dwc3 (pid: 303, stack limit = 0x000000003985154c)\n[ 83.033470] CPU: 0 PID: 303 Comm: irq/62-dwc3 Not tainted 4.19.124 #1\n[ 83.044836] pstate: 60000085 (nZCv daIf -PAN -UAO)\n[ 83.049628] pc : dwc3_ep0_handle_feature+0x414/0x43c\n[ 83.054558] lr : dwc3_ep0_interrupt+0x3b4/0xc94\n\n...\n\n[ 83.141788] Call trace:\n[ 83.144227] dwc3_ep0_handle_feature+0x414/0x43c\n[ 83.148823] dwc3_ep0_interrupt+0x3b4/0xc94\n[ 83.181546] ---[ end trace aac6b5267d84c32f ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47269",
"url": "https://www.suse.com/security/cve/CVE-2021-47269"
},
{
"category": "external",
"summary": "SUSE Bug 1224996 for CVE-2021-47269",
"url": "https://bugzilla.suse.com/1224996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47269"
},
{
"cve": "CVE-2021-47274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47274"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Correct the length check which causes memory corruption\n\nWe\u0027ve suffered from severe kernel crashes due to memory corruption on\nour production environment, like,\n\nCall Trace:\n[1640542.554277] general protection fault: 0000 [#1] SMP PTI\n[1640542.554856] CPU: 17 PID: 26996 Comm: python Kdump: loaded Tainted:G\n[1640542.556629] RIP: 0010:kmem_cache_alloc+0x90/0x190\n[1640542.559074] RSP: 0018:ffffb16faa597df8 EFLAGS: 00010286\n[1640542.559587] RAX: 0000000000000000 RBX: 0000000000400200 RCX:\n0000000006e931bf\n[1640542.560323] RDX: 0000000006e931be RSI: 0000000000400200 RDI:\nffff9a45ff004300\n[1640542.560996] RBP: 0000000000400200 R08: 0000000000023420 R09:\n0000000000000000\n[1640542.561670] R10: 0000000000000000 R11: 0000000000000000 R12:\nffffffff9a20608d\n[1640542.562366] R13: ffff9a45ff004300 R14: ffff9a45ff004300 R15:\n696c662f65636976\n[1640542.563128] FS: 00007f45d7c6f740(0000) GS:ffff9a45ff840000(0000)\nknlGS:0000000000000000\n[1640542.563937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1640542.564557] CR2: 00007f45d71311a0 CR3: 000000189d63e004 CR4:\n00000000003606e0\n[1640542.565279] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[1640542.566069] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[1640542.566742] Call Trace:\n[1640542.567009] anon_vma_clone+0x5d/0x170\n[1640542.567417] __split_vma+0x91/0x1a0\n[1640542.567777] do_munmap+0x2c6/0x320\n[1640542.568128] vm_munmap+0x54/0x70\n[1640542.569990] __x64_sys_munmap+0x22/0x30\n[1640542.572005] do_syscall_64+0x5b/0x1b0\n[1640542.573724] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[1640542.575642] RIP: 0033:0x7f45d6e61e27\n\nJames Wang has reproduced it stably on the latest 4.19 LTS.\nAfter some debugging, we finally proved that it\u0027s due to ftrace\nbuffer out-of-bound access using a debug tool as follows:\n[ 86.775200] BUG: Out-of-bounds write at addr 0xffff88aefe8b7000\n[ 86.780806] no_context+0xdf/0x3c0\n[ 86.784327] __do_page_fault+0x252/0x470\n[ 86.788367] do_page_fault+0x32/0x140\n[ 86.792145] page_fault+0x1e/0x30\n[ 86.795576] strncpy_from_unsafe+0x66/0xb0\n[ 86.799789] fetch_memory_string+0x25/0x40\n[ 86.804002] fetch_deref_string+0x51/0x60\n[ 86.808134] kprobe_trace_func+0x32d/0x3a0\n[ 86.812347] kprobe_dispatcher+0x45/0x50\n[ 86.816385] kprobe_ftrace_handler+0x90/0xf0\n[ 86.820779] ftrace_ops_assist_func+0xa1/0x140\n[ 86.825340] 0xffffffffc00750bf\n[ 86.828603] do_sys_open+0x5/0x1f0\n[ 86.832124] do_syscall_64+0x5b/0x1b0\n[ 86.835900] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\ncommit b220c049d519 (\"tracing: Check length before giving out\nthe filter buffer\") adds length check to protect trace data\noverflow introduced in 0fc1b09ff1ff, seems that this fix can\u0027t prevent\noverflow entirely, the length check should also take the sizeof\nentry-\u003earray[0] into account, since this array[0] is filled the\nlength of trace data and occupy addtional space and risk overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47274",
"url": "https://www.suse.com/security/cve/CVE-2021-47274"
},
{
"category": "external",
"summary": "SUSE Bug 1224990 for CVE-2021-47274",
"url": "https://bugzilla.suse.com/1224990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47274"
},
{
"cve": "CVE-2021-47276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47276"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Do not blindly read the ip address in ftrace_bug()\n\nIt was reported that a bug on arm64 caused a bad ip address to be used for\nupdating into a nop in ftrace_init(), but the error path (rightfully)\nreturned -EINVAL and not -EFAULT, as the bug caused more than one error to\noccur. But because -EINVAL was returned, the ftrace_bug() tried to report\nwhat was at the location of the ip address, and read it directly. This\ncaused the machine to panic, as the ip was not pointing to a valid memory\naddress.\n\nInstead, read the ip address with copy_from_kernel_nofault() to safely\naccess the memory, and if it faults, report that the address faulted,\notherwise report what was in that location.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47276",
"url": "https://www.suse.com/security/cve/CVE-2021-47276"
},
{
"category": "external",
"summary": "SUSE Bug 1224966 for CVE-2021-47276",
"url": "https://bugzilla.suse.com/1224966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47276"
},
{
"cve": "CVE-2021-47277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47277"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkvm: avoid speculation-based attacks from out-of-range memslot accesses\n\nKVM\u0027s mechanism for accessing guest memory translates a guest physical\naddress (gpa) to a host virtual address using the right-shifted gpa\n(also known as gfn) and a struct kvm_memory_slot. The translation is\nperformed in __gfn_to_hva_memslot using the following formula:\n\n hva = slot-\u003euserspace_addr + (gfn - slot-\u003ebase_gfn) * PAGE_SIZE\n\nIt is expected that gfn falls within the boundaries of the guest\u0027s\nphysical memory. However, a guest can access invalid physical addresses\nin such a way that the gfn is invalid.\n\n__gfn_to_hva_memslot is called from kvm_vcpu_gfn_to_hva_prot, which first\nretrieves a memslot through __gfn_to_memslot. While __gfn_to_memslot\ndoes check that the gfn falls within the boundaries of the guest\u0027s\nphysical memory or not, a CPU can speculate the result of the check and\ncontinue execution speculatively using an illegal gfn. The speculation\ncan result in calculating an out-of-bounds hva. If the resulting host\nvirtual address is used to load another guest physical address, this\nis effectively a Spectre gadget consisting of two consecutive reads,\nthe second of which is data dependent on the first.\n\nRight now it\u0027s not clear if there are any cases in which this is\nexploitable. One interesting case was reported by the original author\nof this patch, and involves visiting guest page tables on x86. Right\nnow these are not vulnerable because the hva read goes through get_user(),\nwhich contains an LFENCE speculation barrier. However, there are\npatches in progress for x86 uaccess.h to mask kernel addresses instead of\nusing LFENCE; once these land, a guest could use speculation to read\nfrom the VMM\u0027s ring 3 address space. Other architectures such as ARM\nalready use the address masking method, and would be susceptible to\nthis same kind of data-dependent access gadgets. Therefore, this patch\nproactively protects from these attacks by masking out-of-bounds gfns\nin __gfn_to_hva_memslot, which blocks speculation of invalid hvas.\n\nSean Christopherson noted that this patch does not cover\nkvm_read_guest_offset_cached. This however is limited to a few bytes\npast the end of the cache, and therefore it is unlikely to be useful in\nthe context of building a chain of data dependent accesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47277",
"url": "https://www.suse.com/security/cve/CVE-2021-47277"
},
{
"category": "external",
"summary": "SUSE Bug 1224960 for CVE-2021-47277",
"url": "https://bugzilla.suse.com/1224960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47277"
},
{
"cve": "CVE-2021-47280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47280"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Fix use-after-free read in drm_getunique()\n\nThere is a time-of-check-to-time-of-use error in drm_getunique() due\nto retrieving file_priv-\u003emaster prior to locking the device\u0027s master\nmutex.\n\nAn example can be seen in the crash report of the use-after-free error\nfound by Syzbot:\nhttps://syzkaller.appspot.com/bug?id=148d2f1dfac64af52ffd27b661981a540724f803\n\nIn the report, the master pointer was used after being freed. This is\nbecause another process had acquired the device\u0027s master mutex in\ndrm_setmaster_ioctl(), then overwrote fpriv-\u003emaster in\ndrm_new_set_master(). The old value of fpriv-\u003emaster was subsequently\nfreed before the mutex was unlocked.\n\nTo fix this, we lock the device\u0027s master mutex before retrieving the\npointer from from fpriv-\u003emaster. This patch passes the Syzbot\nreproducer test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47280",
"url": "https://www.suse.com/security/cve/CVE-2021-47280"
},
{
"category": "external",
"summary": "SUSE Bug 1224982 for CVE-2021-47280",
"url": "https://bugzilla.suse.com/1224982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47280"
},
{
"cve": "CVE-2021-47281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47281"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: seq: Fix race of snd_seq_timer_open()\n\nThe timer instance per queue is exclusive, and snd_seq_timer_open()\nshould have managed the concurrent accesses. It looks as if it\u0027s\nchecking the already existing timer instance at the beginning, but\nit\u0027s not right, because there is no protection, hence any later\nconcurrent call of snd_seq_timer_open() may override the timer\ninstance easily. This may result in UAF, as the leftover timer\ninstance can keep running while the queue itself gets closed, as\nspotted by syzkaller recently.\n\nFor avoiding the race, add a proper check at the assignment of\ntmr-\u003etimeri again, and return -EBUSY if it\u0027s been already registered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47281",
"url": "https://www.suse.com/security/cve/CVE-2021-47281"
},
{
"category": "external",
"summary": "SUSE Bug 1224983 for CVE-2021-47281",
"url": "https://bugzilla.suse.com/1224983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47281"
},
{
"cve": "CVE-2021-47284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: netjet: Fix crash in nj_probe:\n\n\u0027nj_setup\u0027 in netjet.c might fail with -EIO and in this case\n\u0027card-\u003eirq\u0027 is initialized and is bigger than zero. A subsequent call to\n\u0027nj_release\u0027 will free the irq that has not been requested.\n\nFix this bug by deleting the previous assignment to \u0027card-\u003eirq\u0027 and just\nkeep the assignment before \u0027request_irq\u0027.\n\nThe KASAN\u0027s log reveals it:\n\n[ 3.354615 ] WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826\nfree_irq+0x100/0x480\n[ 3.355112 ] Modules linked in:\n[ 3.355310 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.355816 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.356552 ] RIP: 0010:free_irq+0x100/0x480\n[ 3.356820 ] Code: 6e 08 74 6f 4d 89 f4 e8 5e ac 09 00 4d 8b 74 24 18\n4d 85 f6 75 e3 e8 4f ac 09 00 8b 75 c8 48 c7 c7 78 c1 2e 85 e8 e0 cf f5\nff \u003c0f\u003e 0b 48 8b 75 c0 4c 89 ff e8 72 33 0b 03 48 8b 43 40 4c 8b a0 80\n[ 3.358012 ] RSP: 0000:ffffc90000017b48 EFLAGS: 00010082\n[ 3.358357 ] RAX: 0000000000000000 RBX: ffff888104dc8000 RCX:\n0000000000000000\n[ 3.358814 ] RDX: ffff8881003c8000 RSI: ffffffff8124a9e6 RDI:\n00000000ffffffff\n[ 3.359272 ] RBP: ffffc90000017b88 R08: 0000000000000000 R09:\n0000000000000000\n[ 3.359732 ] R10: ffffc900000179f0 R11: 0000000000001d04 R12:\n0000000000000000\n[ 3.360195 ] R13: ffff888107dc6000 R14: ffff888107dc6928 R15:\nffff888104dc80a8\n[ 3.360652 ] FS: 0000000000000000(0000) GS:ffff88817bc00000(0000)\nknlGS:0000000000000000\n[ 3.361170 ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.361538 ] CR2: 0000000000000000 CR3: 000000000582e000 CR4:\n00000000000006f0\n[ 3.362003 ] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 3.362175 ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] nj_release+0x51/0x1e0\n[ 3.362175 ] nj_probe+0x450/0x950\n[ 3.362175 ] ? pci_device_remove+0x110/0x110\n[ 3.362175 ] local_pci_probe+0x45/0xa0\n[ 3.362175 ] pci_device_probe+0x12b/0x1d0\n[ 3.362175 ] really_probe+0x2a9/0x610\n[ 3.362175 ] driver_probe_device+0x90/0x1d0\n[ 3.362175 ] ? mutex_lock_nested+0x1b/0x20\n[ 3.362175 ] device_driver_attach+0x68/0x70\n[ 3.362175 ] __driver_attach+0x124/0x1b0\n[ 3.362175 ] ? device_driver_attach+0x70/0x70\n[ 3.362175 ] bus_for_each_dev+0xbb/0x110\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] driver_attach+0x27/0x30\n[ 3.362175 ] bus_add_driver+0x1eb/0x2a0\n[ 3.362175 ] driver_register+0xa9/0x180\n[ 3.362175 ] __pci_register_driver+0x82/0x90\n[ 3.362175 ] ? w6692_init+0x38/0x38\n[ 3.362175 ] nj_init+0x36/0x38\n[ 3.362175 ] do_one_initcall+0x7f/0x3d0\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] ? rcu_read_lock_sched_held+0x4f/0x80\n[ 3.362175 ] kernel_init_freeable+0x2aa/0x301\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] kernel_init+0x18/0x190\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ret_from_fork+0x1f/0x30\n[ 3.362175 ] Kernel panic - not syncing: panic_on_warn set ...\n[ 3.362175 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.362175 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] dump_stack+0xba/0xf5\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] panic+0x15a/0x3f2\n[ 3.362175 ] ? __warn+0xf2/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] __warn+0x108/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] report_bug+0x119/0x1c0\n[ 3.362175 ] handle_bug+0x3b/0x80\n[ 3.362175 ] exc_invalid_op+0x18/0x70\n[ 3.362175 ] asm_exc_invalid_op+0x12/0x20\n[ 3.362175 ] RIP: 0010:free_irq+0x100\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47284",
"url": "https://www.suse.com/security/cve/CVE-2021-47284"
},
{
"category": "external",
"summary": "SUSE Bug 1224987 for CVE-2021-47284",
"url": "https://bugzilla.suse.com/1224987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47284"
},
{
"cve": "CVE-2021-47285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47285"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47285",
"url": "https://www.suse.com/security/cve/CVE-2021-47285"
},
{
"category": "external",
"summary": "SUSE Bug 1224981 for CVE-2021-47285",
"url": "https://bugzilla.suse.com/1224981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47285"
},
{
"cve": "CVE-2021-47288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47288"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()\n\nFix an 11-year old bug in ngene_command_config_free_buf() while\naddressing the following warnings caught with -Warray-bounds:\n\narch/alpha/include/asm/string.h:22:16: warning: \u0027__builtin_memcpy\u0027 offset [12, 16] from the object at \u0027com\u0027 is out of the bounds of referenced subobject \u0027config\u0027 with type \u0027unsigned char\u0027 at offset 10 [-Warray-bounds]\narch/x86/include/asm/string_32.h:182:25: warning: \u0027__builtin_memcpy\u0027 offset [12, 16] from the object at \u0027com\u0027 is out of the bounds of referenced subobject \u0027config\u0027 with type \u0027unsigned char\u0027 at offset 10 [-Warray-bounds]\n\nThe problem is that the original code is trying to copy 6 bytes of\ndata into a one-byte size member _config_ of the wrong structue\nFW_CONFIGURE_BUFFERS, in a single call to memcpy(). This causes a\nlegitimate compiler warning because memcpy() overruns the length\nof \u0026com.cmd.ConfigureBuffers.config. It seems that the right\nstructure is FW_CONFIGURE_FREE_BUFFERS, instead, because it contains\n6 more members apart from the header _hdr_. Also, the name of\nthe function ngene_command_config_free_buf() suggests that the actual\nintention is to ConfigureFreeBuffers, instead of ConfigureBuffers\n(which takes place in the function ngene_command_config_buf(), above).\n\nFix this by enclosing those 6 members of struct FW_CONFIGURE_FREE_BUFFERS\ninto new struct config, and use \u0026com.cmd.ConfigureFreeBuffers.config as\nthe destination address, instead of \u0026com.cmd.ConfigureBuffers.config,\nwhen calling memcpy().\n\nThis also helps with the ongoing efforts to globally enable\n-Warray-bounds and get us closer to being able to tighten the\nFORTIFY_SOURCE routines on memcpy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47288",
"url": "https://www.suse.com/security/cve/CVE-2021-47288"
},
{
"category": "external",
"summary": "SUSE Bug 1224889 for CVE-2021-47288",
"url": "https://bugzilla.suse.com/1224889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47288"
},
{
"cve": "CVE-2021-47301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix use-after-free error during reset\n\nCleans the next descriptor to watch (next_to_watch) when cleaning the\nTX ring.\n\nFailure to do so can cause invalid memory accesses. If igb_poll() runs\nwhile the controller is reset this can lead to the driver try to free\na skb that was already freed.\n\n(The crash is harder to reproduce with the igb driver, but the same\npotential problem exists as the code is identical to igc)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47301",
"url": "https://www.suse.com/security/cve/CVE-2021-47301"
},
{
"category": "external",
"summary": "SUSE Bug 1224916 for CVE-2021-47301",
"url": "https://bugzilla.suse.com/1224916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47301"
},
{
"cve": "CVE-2021-47302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: Fix use-after-free error during reset\n\nCleans the next descriptor to watch (next_to_watch) when cleaning the\nTX ring.\n\nFailure to do so can cause invalid memory accesses. If igc_poll() runs\nwhile the controller is being reset this can lead to the driver try to\nfree a skb that was already freed.\n\nLog message:\n\n [ 101.525242] refcount_t: underflow; use-after-free.\n [ 101.525251] WARNING: CPU: 1 PID: 646 at lib/refcount.c:28 refcount_warn_saturate+0xab/0xf0\n [ 101.525259] Modules linked in: sch_etf(E) sch_mqprio(E) rfkill(E) intel_rapl_msr(E) intel_rapl_common(E)\n x86_pkg_temp_thermal(E) intel_powerclamp(E) coretemp(E) binfmt_misc(E) kvm_intel(E) kvm(E) irqbypass(E) crc32_pclmul(E)\n ghash_clmulni_intel(E) aesni_intel(E) mei_wdt(E) libaes(E) crypto_simd(E) cryptd(E) glue_helper(E) snd_hda_codec_hdmi(E)\n rapl(E) intel_cstate(E) snd_hda_intel(E) snd_intel_dspcfg(E) sg(E) soundwire_intel(E) intel_uncore(E) at24(E)\n soundwire_generic_allocation(E) iTCO_wdt(E) soundwire_cadence(E) intel_pmc_bxt(E) serio_raw(E) snd_hda_codec(E)\n iTCO_vendor_support(E) watchdog(E) snd_hda_core(E) snd_hwdep(E) snd_soc_core(E) snd_compress(E) snd_pcsp(E)\n soundwire_bus(E) snd_pcm(E) evdev(E) snd_timer(E) mei_me(E) snd(E) soundcore(E) mei(E) configfs(E) ip_tables(E) x_tables(E)\n autofs4(E) ext4(E) crc32c_generic(E) crc16(E) mbcache(E) jbd2(E) sd_mod(E) t10_pi(E) crc_t10dif(E) crct10dif_generic(E)\n i915(E) ahci(E) libahci(E) ehci_pci(E) igb(E) xhci_pci(E) ehci_hcd(E)\n [ 101.525303] drm_kms_helper(E) dca(E) xhci_hcd(E) libata(E) crct10dif_pclmul(E) cec(E) crct10dif_common(E) tsn(E) igc(E)\n e1000e(E) ptp(E) i2c_i801(E) crc32c_intel(E) psmouse(E) i2c_algo_bit(E) i2c_smbus(E) scsi_mod(E) lpc_ich(E) pps_core(E)\n usbcore(E) drm(E) button(E) video(E)\n [ 101.525318] CPU: 1 PID: 646 Comm: irq/37-enp7s0-T Tainted: G E 5.10.30-rt37-tsn1-rt-ipipe #ipipe\n [ 101.525320] Hardware name: SIEMENS AG SIMATIC IPC427D/A5E31233588, BIOS V17.02.09 03/31/2017\n [ 101.525322] RIP: 0010:refcount_warn_saturate+0xab/0xf0\n [ 101.525325] Code: 05 31 48 44 01 01 e8 f0 c6 42 00 0f 0b c3 80 3d 1f 48 44 01 00 75 90 48 c7 c7 78 a8 f3 a6 c6 05 0f 48\n 44 01 01 e8 d1 c6 42 00 \u003c0f\u003e 0b c3 80 3d fe 47 44 01 00 0f 85 6d ff ff ff 48 c7 c7 d0 a8 f3\n [ 101.525327] RSP: 0018:ffffbdedc0917cb8 EFLAGS: 00010286\n [ 101.525329] RAX: 0000000000000000 RBX: ffff98fd6becbf40 RCX: 0000000000000001\n [ 101.525330] RDX: 0000000000000001 RSI: ffffffffa6f2700c RDI: 00000000ffffffff\n [ 101.525332] RBP: ffff98fd6becc14c R08: ffffffffa7463d00 R09: ffffbdedc0917c50\n [ 101.525333] R10: ffffffffa74c3578 R11: 0000000000000034 R12: 00000000ffffff00\n [ 101.525335] R13: ffff98fd6b0b1000 R14: 0000000000000039 R15: ffff98fd6be35c40\n [ 101.525337] FS: 0000000000000000(0000) GS:ffff98fd6e240000(0000) knlGS:0000000000000000\n [ 101.525339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 101.525341] CR2: 00007f34135a3a70 CR3: 0000000150210003 CR4: 00000000001706e0\n [ 101.525343] Call Trace:\n [ 101.525346] sock_wfree+0x9c/0xa0\n [ 101.525353] unix_destruct_scm+0x7b/0xa0\n [ 101.525358] skb_release_head_state+0x40/0x90\n [ 101.525362] skb_release_all+0xe/0x30\n [ 101.525364] napi_consume_skb+0x57/0x160\n [ 101.525367] igc_poll+0xb7/0xc80 [igc]\n [ 101.525376] ? sched_clock+0x5/0x10\n [ 101.525381] ? sched_clock_cpu+0xe/0x100\n [ 101.525385] net_rx_action+0x14c/0x410\n [ 101.525388] __do_softirq+0xe9/0x2f4\n [ 101.525391] __local_bh_enable_ip+0xe3/0x110\n [ 101.525395] ? irq_finalize_oneshot.part.47+0xe0/0xe0\n [ 101.525398] irq_forced_thread_fn+0x6a/0x80\n [ 101.525401] irq_thread+0xe8/0x180\n [ 101.525403] ? wake_threads_waitq+0x30/0x30\n [ 101.525406] ? irq_thread_check_affinity+0xd0/0xd0\n [ 101.525408] kthread+0x183/0x1a0\n [ 101.525412] ? kthread_park+0x80/0x80\n [ 101.525415] ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47302",
"url": "https://www.suse.com/security/cve/CVE-2021-47302"
},
{
"category": "external",
"summary": "SUSE Bug 1224917 for CVE-2021-47302",
"url": "https://bugzilla.suse.com/1224917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47302"
},
{
"cve": "CVE-2021-47305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47305"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sync_file: Don\u0027t leak fences on merge failure\n\nEach add_fence() call does a dma_fence_get() on the relevant fence. In\nthe error path, we weren\u0027t calling dma_fence_put() so all those fences\ngot leaked. Also, in the krealloc_array failure case, we weren\u0027t\nfreeing the fences array. Instead, ensure that i and fences are always\nzero-initialized and dma_fence_put() all the fences and kfree(fences) on\nevery error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47305",
"url": "https://www.suse.com/security/cve/CVE-2021-47305"
},
{
"category": "external",
"summary": "SUSE Bug 1224968 for CVE-2021-47305",
"url": "https://bugzilla.suse.com/1224968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47305"
},
{
"cve": "CVE-2021-47307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL deref in cifs_compose_mount_options()\n\nThe optional @ref parameter might contain an NULL node_name, so\nprevent dereferencing it in cifs_compose_mount_options().\n\nAddresses-Coverity: 1476408 (\"Explicit null dereferenced\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47307",
"url": "https://www.suse.com/security/cve/CVE-2021-47307"
},
{
"category": "external",
"summary": "SUSE Bug 1224961 for CVE-2021-47307",
"url": "https://bugzilla.suse.com/1224961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47307"
},
{
"cve": "CVE-2021-47308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47308"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix array index out of bound exception\n\nFix array index out of bound exception in fc_rport_prli_resp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47308",
"url": "https://www.suse.com/security/cve/CVE-2021-47308"
},
{
"category": "external",
"summary": "SUSE Bug 1224963 for CVE-2021-47308",
"url": "https://bugzilla.suse.com/1224963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47308"
},
{
"cve": "CVE-2021-47310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47310"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ti: fix UAF in tlan_remove_one\n\npriv is netdev private data and it cannot be\nused after free_netdev() call. Using priv after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47310",
"url": "https://www.suse.com/security/cve/CVE-2021-47310"
},
{
"category": "external",
"summary": "SUSE Bug 1224959 for CVE-2021-47310",
"url": "https://bugzilla.suse.com/1224959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47310"
},
{
"cve": "CVE-2021-47311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47311"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qcom/emac: fix UAF in emac_remove\n\nadpt is netdev private data and it cannot be\nused after free_netdev() call. Using adpt after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47311",
"url": "https://www.suse.com/security/cve/CVE-2021-47311"
},
{
"category": "external",
"summary": "SUSE Bug 1225010 for CVE-2021-47311",
"url": "https://bugzilla.suse.com/1225010"
},
{
"category": "external",
"summary": "SUSE Bug 1227752 for CVE-2021-47311",
"url": "https://bugzilla.suse.com/1227752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47311"
},
{
"cve": "CVE-2021-47314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47314"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: fsl_ifc: fix leak of private memory on probe failure\n\nOn probe error the driver should free the memory allocated for private\nstructure. Fix this by using resource-managed allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47314",
"url": "https://www.suse.com/security/cve/CVE-2021-47314"
},
{
"category": "external",
"summary": "SUSE Bug 1224893 for CVE-2021-47314",
"url": "https://bugzilla.suse.com/1224893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47314"
},
{
"cve": "CVE-2021-47315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47315"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: fsl_ifc: fix leak of IO mapping on probe failure\n\nOn probe error the driver should unmap the IO memory. Smatch reports:\n\n drivers/memory/fsl_ifc.c:298 fsl_ifc_ctrl_probe() warn: \u0027fsl_ifc_ctrl_dev-\u003egregs\u0027 not released on lines: 298.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47315",
"url": "https://www.suse.com/security/cve/CVE-2021-47315"
},
{
"category": "external",
"summary": "SUSE Bug 1224892 for CVE-2021-47315",
"url": "https://bugzilla.suse.com/1224892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47315"
},
{
"cve": "CVE-2021-47319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47319"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: Fix memory leak among suspend/resume procedure\n\nThe vblk-\u003evqs should be freed before we call init_vqs()\nin virtblk_restore().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47319",
"url": "https://www.suse.com/security/cve/CVE-2021-47319"
},
{
"category": "external",
"summary": "SUSE Bug 1225054 for CVE-2021-47319",
"url": "https://bugzilla.suse.com/1225054"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47319"
},
{
"cve": "CVE-2021-47320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix acl memory leak of posix_acl_create()\n\nWhen looking into another nfs xfstests report, I found acl and\ndefault_acl in nfs3_proc_create() and nfs3_proc_mknod() error\npaths are possibly leaked. Fix them in advance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47320",
"url": "https://www.suse.com/security/cve/CVE-2021-47320"
},
{
"category": "external",
"summary": "SUSE Bug 1225058 for CVE-2021-47320",
"url": "https://bugzilla.suse.com/1225058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47320"
},
{
"cve": "CVE-2021-47321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47321"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: Fix possible use-after-free by calling del_timer_sync()\n\nThis driver\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47321",
"url": "https://www.suse.com/security/cve/CVE-2021-47321"
},
{
"category": "external",
"summary": "SUSE Bug 1225060 for CVE-2021-47321",
"url": "https://bugzilla.suse.com/1225060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47321"
},
{
"cve": "CVE-2021-47323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47323"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47323",
"url": "https://www.suse.com/security/cve/CVE-2021-47323"
},
{
"category": "external",
"summary": "SUSE Bug 1225026 for CVE-2021-47323",
"url": "https://bugzilla.suse.com/1225026"
},
{
"category": "external",
"summary": "SUSE Bug 1227557 for CVE-2021-47323",
"url": "https://bugzilla.suse.com/1227557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47323"
},
{
"cve": "CVE-2021-47324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: Fix possible use-after-free in wdt_startup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47324",
"url": "https://www.suse.com/security/cve/CVE-2021-47324"
},
{
"category": "external",
"summary": "SUSE Bug 1225030 for CVE-2021-47324",
"url": "https://bugzilla.suse.com/1225030"
},
{
"category": "external",
"summary": "SUSE Bug 1225038 for CVE-2021-47324",
"url": "https://bugzilla.suse.com/1225038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47324"
},
{
"cve": "CVE-2021-47330",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47330"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: 8250: serial_cs: Fix a memory leak in error handling path\n\nIn the probe function, if the final \u0027serial_config()\u0027 fails, \u0027info\u0027 is\nleaking.\n\nAdd a resource handling path to free this memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47330",
"url": "https://www.suse.com/security/cve/CVE-2021-47330"
},
{
"category": "external",
"summary": "SUSE Bug 1225084 for CVE-2021-47330",
"url": "https://bugzilla.suse.com/1225084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47330"
},
{
"cve": "CVE-2021-47334",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47334"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/libmasm/module: Fix two use after free in ibmasm_init_one\n\nIn ibmasm_init_one, it calls ibmasm_init_remote_input_dev().\nInside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are\nallocated by input_allocate_device(), and assigned to\nsp-\u003eremote.mouse_dev and sp-\u003eremote.keybd_dev respectively.\n\nIn the err_free_devices error branch of ibmasm_init_one,\nmouse_dev and keybd_dev are freed by input_free_device(), and return\nerror. Then the execution runs into error_send_message error branch\nof ibmasm_init_one, where ibmasm_free_remote_input_dev(sp) is called\nto unregister the freed sp-\u003eremote.mouse_dev and sp-\u003eremote.keybd_dev.\n\nMy patch add a \"error_init_remote\" label to handle the error of\nibmasm_init_remote_input_dev(), to avoid the uaf bugs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47334",
"url": "https://www.suse.com/security/cve/CVE-2021-47334"
},
{
"category": "external",
"summary": "SUSE Bug 1225112 for CVE-2021-47334",
"url": "https://bugzilla.suse.com/1225112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47334"
},
{
"cve": "CVE-2021-47337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47337"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix bad pointer dereference when ehandler kthread is invalid\n\nCommit 66a834d09293 (\"scsi: core: Fix error handling of scsi_host_alloc()\")\nchanged the allocation logic to call put_device() to perform host cleanup\nwith the assumption that IDA removal and stopping the kthread would\nproperly be performed in scsi_host_dev_release(). However, in the unlikely\ncase that the error handler thread fails to spawn, shost-\u003eehandler is set\nto ERR_PTR(-ENOMEM).\n\nThe error handler cleanup code in scsi_host_dev_release() will call\nkthread_stop() if shost-\u003eehandler != NULL which will always be the case\nwhether the kthread was successfully spawned or not. In the case that it\nfailed to spawn this has the nasty side effect of trying to dereference an\ninvalid pointer when kthread_stop() is called. The following splat provides\nan example of this behavior in the wild:\n\nscsi host11: error handler thread failed to spawn, error = -4\nKernel attempted to read user page (10c) - exploit attempt? (uid: 0)\nBUG: Kernel NULL pointer dereference on read at 0x0000010c\nFaulting instruction address: 0xc00000000818e9a8\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: ibmvscsi(+) scsi_transport_srp dm_multipath dm_mirror dm_region\n hash dm_log dm_mod fuse overlay squashfs loop\nCPU: 12 PID: 274 Comm: systemd-udevd Not tainted 5.13.0-rc7 #1\nNIP: c00000000818e9a8 LR: c0000000089846e8 CTR: 0000000000007ee8\nREGS: c000000037d12ea0 TRAP: 0300 Not tainted (5.13.0-rc7)\nMSR: 800000000280b033 \u0026lt;SF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u0026gt; CR: 28228228\nXER: 20040001\nCFAR: c0000000089846e4 DAR: 000000000000010c DSISR: 40000000 IRQMASK: 0\nGPR00: c0000000089846e8 c000000037d13140 c000000009cc1100 fffffffffffffffc\nGPR04: 0000000000000001 0000000000000000 0000000000000000 c000000037dc0000\nGPR08: 0000000000000000 c000000037dc0000 0000000000000001 00000000fffff7ff\nGPR12: 0000000000008000 c00000000a049000 c000000037d13d00 000000011134d5a0\nGPR16: 0000000000001740 c0080000190d0000 c0080000190d1740 c000000009129288\nGPR20: c000000037d13bc0 0000000000000001 c000000037d13bc0 c0080000190b7898\nGPR24: c0080000190b7708 0000000000000000 c000000033bb2c48 0000000000000000\nGPR28: c000000046b28280 0000000000000000 000000000000010c fffffffffffffffc\nNIP [c00000000818e9a8] kthread_stop+0x38/0x230\nLR [c0000000089846e8] scsi_host_dev_release+0x98/0x160\nCall Trace:\n[c000000033bb2c48] 0xc000000033bb2c48 (unreliable)\n[c0000000089846e8] scsi_host_dev_release+0x98/0x160\n[c00000000891e960] device_release+0x60/0x100\n[c0000000087e55c4] kobject_release+0x84/0x210\n[c00000000891ec78] put_device+0x28/0x40\n[c000000008984ea4] scsi_host_alloc+0x314/0x430\n[c0080000190b38bc] ibmvscsi_probe+0x54/0xad0 [ibmvscsi]\n[c000000008110104] vio_bus_probe+0xa4/0x4b0\n[c00000000892a860] really_probe+0x140/0x680\n[c00000000892aefc] driver_probe_device+0x15c/0x200\n[c00000000892b63c] device_driver_attach+0xcc/0xe0\n[c00000000892b740] __driver_attach+0xf0/0x200\n[c000000008926f28] bus_for_each_dev+0xa8/0x130\n[c000000008929ce4] driver_attach+0x34/0x50\n[c000000008928fc0] bus_add_driver+0x1b0/0x300\n[c00000000892c798] driver_register+0x98/0x1a0\n[c00000000810eb60] __vio_register_driver+0x80/0xe0\n[c0080000190b4a30] ibmvscsi_module_init+0x9c/0xdc [ibmvscsi]\n[c0000000080121d0] do_one_initcall+0x60/0x2d0\n[c000000008261abc] do_init_module+0x7c/0x320\n[c000000008265700] load_module+0x2350/0x25b0\n[c000000008265cb4] __do_sys_finit_module+0xd4/0x160\n[c000000008031110] system_call_exception+0x150/0x2d0\n[c00000000800d35c] system_call_common+0xec/0x278\n\nFix this be nulling shost-\u003eehandler when the kthread fails to spawn.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47337",
"url": "https://www.suse.com/security/cve/CVE-2021-47337"
},
{
"category": "external",
"summary": "SUSE Bug 1224926 for CVE-2021-47337",
"url": "https://bugzilla.suse.com/1224926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47337"
},
{
"cve": "CVE-2021-47343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47343"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm btree remove: assign new_root only when removal succeeds\n\nremove_raw() in dm_btree_remove() may fail due to IO read error\n(e.g. read the content of origin block fails during shadowing),\nand the value of shadow_spine::root is uninitialized, but\nthe uninitialized value is still assign to new_root in the\nend of dm_btree_remove().\n\nFor dm-thin, the value of pmd-\u003edetails_root or pmd-\u003eroot will become\nan uninitialized value, so if trying to read details_info tree again\nout-of-bound memory may occur as showed below:\n\n general protection fault, probably for non-canonical address 0x3fdcb14c8d7520\n CPU: 4 PID: 515 Comm: dmsetup Not tainted 5.13.0-rc6\n Hardware name: QEMU Standard PC\n RIP: 0010:metadata_ll_load_ie+0x14/0x30\n Call Trace:\n sm_metadata_count_is_more_than_one+0xb9/0xe0\n dm_tm_shadow_block+0x52/0x1c0\n shadow_step+0x59/0xf0\n remove_raw+0xb2/0x170\n dm_btree_remove+0xf4/0x1c0\n dm_pool_delete_thin_device+0xc3/0x140\n pool_message+0x218/0x2b0\n target_message+0x251/0x290\n ctl_ioctl+0x1c4/0x4d0\n dm_ctl_ioctl+0xe/0x20\n __x64_sys_ioctl+0x7b/0xb0\n do_syscall_64+0x40/0xb0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFixing it by only assign new_root when removal succeeds",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47343",
"url": "https://www.suse.com/security/cve/CVE-2021-47343"
},
{
"category": "external",
"summary": "SUSE Bug 1225155 for CVE-2021-47343",
"url": "https://bugzilla.suse.com/1225155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47343"
},
{
"cve": "CVE-2021-47344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47344"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: zr364xx: fix memory leak in zr364xx_start_readpipe\n\nsyzbot reported memory leak in zr364xx driver.\nThe problem was in non-freed urb in case of\nusb_submit_urb() fail.\n\nbacktrace:\n [\u003cffffffff82baedf6\u003e] kmalloc include/linux/slab.h:561 [inline]\n [\u003cffffffff82baedf6\u003e] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74\n [\u003cffffffff82f7cce8\u003e] zr364xx_start_readpipe+0x78/0x130 drivers/media/usb/zr364xx/zr364xx.c:1022\n [\u003cffffffff84251dfc\u003e] zr364xx_board_init drivers/media/usb/zr364xx/zr364xx.c:1383 [inline]\n [\u003cffffffff84251dfc\u003e] zr364xx_probe+0x6a3/0x851 drivers/media/usb/zr364xx/zr364xx.c:1516\n [\u003cffffffff82bb6507\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [\u003cffffffff826018a9\u003e] really_probe+0x159/0x500 drivers/base/dd.c:576",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47344",
"url": "https://www.suse.com/security/cve/CVE-2021-47344"
},
{
"category": "external",
"summary": "SUSE Bug 1224922 for CVE-2021-47344",
"url": "https://bugzilla.suse.com/1224922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47344"
},
{
"cve": "CVE-2021-47345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix rdma_resolve_route() memory leak\n\nFix a memory leak when \"mda_resolve_route() is called more than once on\nthe same \"rdma_cm_id\".\n\nThis is possible if cma_query_handler() triggers the\nRDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and\nallows rdma_resolve_route() to be called again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47345",
"url": "https://www.suse.com/security/cve/CVE-2021-47345"
},
{
"category": "external",
"summary": "SUSE Bug 1225157 for CVE-2021-47345",
"url": "https://bugzilla.suse.com/1225157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47345"
},
{
"cve": "CVE-2021-47347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47347"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwl1251: Fix possible buffer overflow in wl1251_cmd_scan\n\nFunction wl1251_cmd_scan calls memcpy without checking the length.\nHarden by checking the length is within the maximum allowed size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47347",
"url": "https://www.suse.com/security/cve/CVE-2021-47347"
},
{
"category": "external",
"summary": "SUSE Bug 1225177 for CVE-2021-47347",
"url": "https://bugzilla.suse.com/1225177"
},
{
"category": "external",
"summary": "SUSE Bug 1225305 for CVE-2021-47347",
"url": "https://bugzilla.suse.com/1225305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47347"
},
{
"cve": "CVE-2021-47352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: Add validation for used length\n\nThis adds validation for used length (might come\nfrom an untrusted device) to avoid data corruption\nor loss.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47352",
"url": "https://www.suse.com/security/cve/CVE-2021-47352"
},
{
"category": "external",
"summary": "SUSE Bug 1225124 for CVE-2021-47352",
"url": "https://bugzilla.suse.com/1225124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47352"
},
{
"cve": "CVE-2021-47353",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47353"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix NULL pointer dereference in udf_symlink function\n\nIn function udf_symlink, epos.bh is assigned with the value returned\nby udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c\nand returns the value of sb_getblk function that could be NULL.\nThen, epos.bh is used without any check, causing a possible\nNULL pointer dereference when sb_getblk fails.\n\nThis fix adds a check to validate the value of epos.bh.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47353",
"url": "https://www.suse.com/security/cve/CVE-2021-47353"
},
{
"category": "external",
"summary": "SUSE Bug 1225128 for CVE-2021-47353",
"url": "https://bugzilla.suse.com/1225128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47353"
},
{
"cve": "CVE-2021-47355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47355"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: nicstar: Fix possible use-after-free in nicstar_cleanup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47355",
"url": "https://www.suse.com/security/cve/CVE-2021-47355"
},
{
"category": "external",
"summary": "SUSE Bug 1225141 for CVE-2021-47355",
"url": "https://bugzilla.suse.com/1225141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47355"
},
{
"cve": "CVE-2021-47356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47356"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible use-after-free in HFC_cleanup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47356",
"url": "https://www.suse.com/security/cve/CVE-2021-47356"
},
{
"category": "external",
"summary": "SUSE Bug 1225143 for CVE-2021-47356",
"url": "https://bugzilla.suse.com/1225143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47356"
},
{
"cve": "CVE-2021-47357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47357"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: iphase: fix possible use-after-free in ia_module_exit()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47357",
"url": "https://www.suse.com/security/cve/CVE-2021-47357"
},
{
"category": "external",
"summary": "SUSE Bug 1225144 for CVE-2021-47357",
"url": "https://bugzilla.suse.com/1225144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47357"
},
{
"cve": "CVE-2021-47361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmcb: fix error handling in mcb_alloc_bus()\n\nThere are two bugs:\n1) If ida_simple_get() fails then this code calls put_device(carrier)\n but we haven\u0027t yet called get_device(carrier) and probably that\n leads to a use after free.\n2) After device_initialize() then we need to use put_device() to\n release the bus. This will free the internal resources tied to the\n device and call mcb_free_bus() which will free the rest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47361",
"url": "https://www.suse.com/security/cve/CVE-2021-47361"
},
{
"category": "external",
"summary": "SUSE Bug 1225151 for CVE-2021-47361",
"url": "https://bugzilla.suse.com/1225151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47361"
},
{
"cve": "CVE-2021-47362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Update intermediate power state for SI\n\nUpdate the current state as boot state during dpm initialization.\nDuring the subsequent initialization, set_power_state gets called to\ntransition to the final power state. set_power_state refers to values\nfrom the current state and without current state populated, it could\nresult in NULL pointer dereference.\n\nFor ex: on platforms where PCI speed change is supported through ACPI\nATCS method, the link speed of current state needs to be queried before\ndeciding on changing to final power state\u0027s link speed. The logic to query\nATCS-support was broken on certain platforms. The issue became visible\nwhen broken ATCS-support logic got fixed with commit\nf9b7f3703ff9 (\"drm/amdgpu/acpi: make ATPX/ATCS structures global (v2)\").\n\nBug: https://gitlab.freedesktop.org/drm/amd/-/issues/1698",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47362",
"url": "https://www.suse.com/security/cve/CVE-2021-47362"
},
{
"category": "external",
"summary": "SUSE Bug 1225153 for CVE-2021-47362",
"url": "https://bugzilla.suse.com/1225153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47362"
},
{
"cve": "CVE-2021-47369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47369"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: fix NULL deref in qeth_clear_working_pool_list()\n\nWhen qeth_set_online() calls qeth_clear_working_pool_list() to roll\nback after an error exit from qeth_hardsetup_card(), we are at risk of\naccessing card-\u003eqdio.in_q before it was allocated by\nqeth_alloc_qdio_queues() via qeth_mpc_initialize().\n\nqeth_clear_working_pool_list() then dereferences NULL, and by writing to\nqueue-\u003ebufs[i].pool_entry scribbles all over the CPU\u0027s lowcore.\nResulting in a crash when those lowcore areas are used next (eg. on\nthe next machine-check interrupt).\n\nSuch a scenario would typically happen when the device is first set\nonline and its queues aren\u0027t allocated yet. An early IO error or certain\nmisconfigs (eg. mismatched transport mode, bad portno) then cause us to\nerror out from qeth_hardsetup_card() with card-\u003eqdio.in_q still being\nNULL.\n\nFix it by checking the pointer for NULL before accessing it.\n\nNote that we also have (rare) paths inside qeth_mpc_initialize() where\na configuration change can cause us to free the existing queues,\nexpecting that subsequent code will allocate them again. If we then\nerror out before that re-allocation happens, the same bug occurs.\n\nRoot-caused-by: Heiko Carstens \u003chca@linux.ibm.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47369",
"url": "https://www.suse.com/security/cve/CVE-2021-47369"
},
{
"category": "external",
"summary": "SUSE Bug 1225164 for CVE-2021-47369",
"url": "https://bugzilla.suse.com/1225164"
},
{
"category": "external",
"summary": "SUSE Bug 1227324 for CVE-2021-47369",
"url": "https://bugzilla.suse.com/1227324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47369"
},
{
"cve": "CVE-2021-47375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47375"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblktrace: Fix uaf in blk_trace access after removing by sysfs\n\nThere is an use-after-free problem triggered by following process:\n\n P1(sda)\t\t\t\tP2(sdb)\n\t\t\techo 0 \u003e /sys/block/sdb/trace/enable\n\t\t\t blk_trace_remove_queue\n\t\t\t synchronize_rcu\n\t\t\t blk_trace_free\n\t\t\t relay_close\nrcu_read_lock\n__blk_add_trace\n trace_note_tsk\n (Iterate running_trace_list)\n\t\t\t relay_close_buf\n\t\t\t\t relay_destroy_buf\n\t\t\t\t kfree(buf)\n trace_note(sdb\u0027s bt)\n relay_reserve\n buf-\u003eoffset \u003c- nullptr deference (use-after-free) !!!\nrcu_read_unlock\n\n[ 502.714379] BUG: kernel NULL pointer dereference, address:\n0000000000000010\n[ 502.715260] #PF: supervisor read access in kernel mode\n[ 502.715903] #PF: error_code(0x0000) - not-present page\n[ 502.716546] PGD 103984067 P4D 103984067 PUD 17592b067 PMD 0\n[ 502.717252] Oops: 0000 [#1] SMP\n[ 502.720308] RIP: 0010:trace_note.isra.0+0x86/0x360\n[ 502.732872] Call Trace:\n[ 502.733193] __blk_add_trace.cold+0x137/0x1a3\n[ 502.733734] blk_add_trace_rq+0x7b/0xd0\n[ 502.734207] blk_add_trace_rq_issue+0x54/0xa0\n[ 502.734755] blk_mq_start_request+0xde/0x1b0\n[ 502.735287] scsi_queue_rq+0x528/0x1140\n...\n[ 502.742704] sg_new_write.isra.0+0x16e/0x3e0\n[ 502.747501] sg_ioctl+0x466/0x1100\n\nReproduce method:\n ioctl(/dev/sda, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sda, BLKTRACESTART)\n ioctl(/dev/sdb, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sdb, BLKTRACESTART)\n\n echo 0 \u003e /sys/block/sdb/trace/enable \u0026\n // Add delay(mdelay/msleep) before kernel enters blk_trace_free()\n\n ioctl$SG_IO(/dev/sda, SG_IO, ...)\n // Enters trace_note_tsk() after blk_trace_free() returned\n // Use mdelay in rcu region rather than msleep(which may schedule out)\n\nRemove blk_trace from running_list before calling blk_trace_free() by\nsysfs if blk_trace is at Blktrace_running state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47375",
"url": "https://www.suse.com/security/cve/CVE-2021-47375"
},
{
"category": "external",
"summary": "SUSE Bug 1225193 for CVE-2021-47375",
"url": "https://bugzilla.suse.com/1225193"
},
{
"category": "external",
"summary": "SUSE Bug 1225194 for CVE-2021-47375",
"url": "https://bugzilla.suse.com/1225194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47375"
},
{
"cve": "CVE-2021-47378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: destroy cm id before destroy qp to avoid use after free\n\nWe should always destroy cm_id before destroy qp to avoid to get cma\nevent after qp was destroyed, which may lead to use after free.\nIn RDMA connection establishment error flow, don\u0027t destroy qp in cm\nevent handler.Just report cm_error to upper level, qp will be destroy\nin nvme_rdma_alloc_queue() after destroy cm id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47378",
"url": "https://www.suse.com/security/cve/CVE-2021-47378"
},
{
"category": "external",
"summary": "SUSE Bug 1225201 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "external",
"summary": "SUSE Bug 1225202 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47378"
},
{
"cve": "CVE-2021-47382",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47382"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: fix deadlock during failing recovery\n\nCommit 0b9902c1fcc5 (\"s390/qeth: fix deadlock during recovery\") removed\ntaking discipline_mutex inside qeth_do_reset(), fixing potential\ndeadlocks. An error path was missed though, that still takes\ndiscipline_mutex and thus has the original deadlock potential.\n\nIntermittent deadlocks were seen when a qeth channel path is configured\noffline, causing a race between qeth_do_reset and ccwgroup_remove.\nCall qeth_set_offline() directly in the qeth_do_reset() error case and\nthen a new variant of ccwgroup_set_offline(), without taking\ndiscipline_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47382",
"url": "https://www.suse.com/security/cve/CVE-2021-47382"
},
{
"category": "external",
"summary": "SUSE Bug 1225207 for CVE-2021-47382",
"url": "https://bugzilla.suse.com/1225207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47382"
},
{
"cve": "CVE-2021-47383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn\u0027t call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display-\u003evrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47383",
"url": "https://www.suse.com/security/cve/CVE-2021-47383"
},
{
"category": "external",
"summary": "SUSE Bug 1225208 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "external",
"summary": "SUSE Bug 1225211 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47383"
},
{
"cve": "CVE-2021-47391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests\n\nThe FSM can run in a circle allowing rdma_resolve_ip() to be called twice\non the same id_priv. While this cannot happen without going through the\nwork, it violates the invariant that the same address resolution\nbackground request cannot be active twice.\n\n CPU 1 CPU 2\n\nrdma_resolve_addr():\n RDMA_CM_IDLE -\u003e RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler) #1\n\n\t\t\t process_one_req(): for #1\n addr_handler():\n RDMA_CM_ADDR_QUERY -\u003e RDMA_CM_ADDR_BOUND\n mutex_unlock(\u0026id_priv-\u003ehandler_mutex);\n [.. handler still running ..]\n\nrdma_resolve_addr():\n RDMA_CM_ADDR_BOUND -\u003e RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler)\n !! two requests are now on the req_list\n\nrdma_destroy_id():\n destroy_id_handler_unlock():\n _destroy_id():\n cma_cancel_operation():\n rdma_addr_cancel()\n\n // process_one_req() self removes it\n\t\t spin_lock_bh(\u0026lock);\n cancel_delayed_work(\u0026req-\u003ework);\n\t if (!list_empty(\u0026req-\u003elist)) == true\n\n ! rdma_addr_cancel() returns after process_on_req #1 is done\n\n kfree(id_priv)\n\n\t\t\t process_one_req(): for #2\n addr_handler():\n\t mutex_lock(\u0026id_priv-\u003ehandler_mutex);\n !! Use after free on id_priv\n\nrdma_addr_cancel() expects there to be one req on the list and only\ncancels the first one. The self-removal behavior of the work only happens\nafter the handler has returned. This yields a situations where the\nreq_list can have two reqs for the same \"handle\" but rdma_addr_cancel()\nonly cancels the first one.\n\nThe second req remains active beyond rdma_destroy_id() and will\nuse-after-free id_priv once it inevitably triggers.\n\nFix this by remembering if the id_priv has called rdma_resolve_ip() and\nalways cancel before calling it again. This ensures the req_list never\ngets more than one item in it and doesn\u0027t cost anything in the normal flow\nthat never uses this strange error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47391",
"url": "https://www.suse.com/security/cve/CVE-2021-47391"
},
{
"category": "external",
"summary": "SUSE Bug 1225318 for CVE-2021-47391",
"url": "https://bugzilla.suse.com/1225318"
},
{
"category": "external",
"summary": "SUSE Bug 1225319 for CVE-2021-47391",
"url": "https://bugzilla.suse.com/1225319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47391"
},
{
"cve": "CVE-2021-47397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb\n\nWe should always check if skb_header_pointer\u0027s return is NULL before\nusing it, otherwise it may cause null-ptr-deref, as syzbot reported:\n\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:sctp_rcv_ootb net/sctp/input.c:705 [inline]\n RIP: 0010:sctp_rcv+0x1d84/0x3220 net/sctp/input.c:196\n Call Trace:\n \u003cIRQ\u003e\n sctp6_rcv+0x38/0x60 net/sctp/ipv6.c:1109\n ip6_protocol_deliver_rcu+0x2e9/0x1ca0 net/ipv6/ip6_input.c:422\n ip6_input_finish+0x62/0x170 net/ipv6/ip6_input.c:463\n NF_HOOK include/linux/netfilter.h:307 [inline]\n NF_HOOK include/linux/netfilter.h:301 [inline]\n ip6_input+0x9c/0xd0 net/ipv6/ip6_input.c:472\n dst_input include/net/dst.h:460 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline]\n NF_HOOK include/linux/netfilter.h:307 [inline]\n NF_HOOK include/linux/netfilter.h:301 [inline]\n ipv6_rcv+0x28c/0x3c0 net/ipv6/ip6_input.c:297",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47397",
"url": "https://www.suse.com/security/cve/CVE-2021-47397"
},
{
"category": "external",
"summary": "SUSE Bug 1225082 for CVE-2021-47397",
"url": "https://bugzilla.suse.com/1225082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47397"
},
{
"cve": "CVE-2021-47400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47400"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: do not allow call hns3_nic_net_open repeatedly\n\nhns3_nic_net_open() is not allowed to called repeatly, but there\nis no checking for this. When doing device reset and setup tc\nconcurrently, there is a small oppotunity to call hns3_nic_net_open\nrepeatedly, and cause kernel bug by calling napi_enable twice.\n\nThe calltrace information is like below:\n[ 3078.222780] ------------[ cut here ]------------\n[ 3078.230255] kernel BUG at net/core/dev.c:6991!\n[ 3078.236224] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[ 3078.243431] Modules linked in: hns3 hclgevf hclge hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)\n[ 3078.258880] CPU: 0 PID: 295 Comm: kworker/u8:5 Tainted: G O 5.14.0-rc4+ #1\n[ 3078.269102] Hardware name: , BIOS KpxxxFPGA 1P B600 V181 08/12/2021\n[ 3078.276801] Workqueue: hclge hclge_service_task [hclge]\n[ 3078.288774] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[ 3078.296168] pc : napi_enable+0x80/0x84\ntc qdisc sho[w 3d0e7v8 .e3t0h218 79] lr : hns3_nic_net_open+0x138/0x510 [hns3]\n\n[ 3078.314771] sp : ffff8000108abb20\n[ 3078.319099] x29: ffff8000108abb20 x28: 0000000000000000 x27: ffff0820a8490300\n[ 3078.329121] x26: 0000000000000001 x25: ffff08209cfc6200 x24: 0000000000000000\n[ 3078.339044] x23: ffff0820a8490300 x22: ffff08209cd76000 x21: ffff0820abfe3880\n[ 3078.349018] x20: 0000000000000000 x19: ffff08209cd76900 x18: 0000000000000000\n[ 3078.358620] x17: 0000000000000000 x16: ffffc816e1727a50 x15: 0000ffff8f4ff930\n[ 3078.368895] x14: 0000000000000000 x13: 0000000000000000 x12: 0000259e9dbeb6b4\n[ 3078.377987] x11: 0096a8f7e764eb40 x10: 634615ad28d3eab5 x9 : ffffc816ad8885b8\n[ 3078.387091] x8 : ffff08209cfc6fb8 x7 : ffff0820ac0da058 x6 : ffff0820a8490344\n[ 3078.396356] x5 : 0000000000000140 x4 : 0000000000000003 x3 : ffff08209cd76938\n[ 3078.405365] x2 : 0000000000000000 x1 : 0000000000000010 x0 : ffff0820abfe38a0\n[ 3078.414657] Call trace:\n[ 3078.418517] napi_enable+0x80/0x84\n[ 3078.424626] hns3_reset_notify_up_enet+0x78/0xd0 [hns3]\n[ 3078.433469] hns3_reset_notify+0x64/0x80 [hns3]\n[ 3078.441430] hclge_notify_client+0x68/0xb0 [hclge]\n[ 3078.450511] hclge_reset_rebuild+0x524/0x884 [hclge]\n[ 3078.458879] hclge_reset_service_task+0x3c4/0x680 [hclge]\n[ 3078.467470] hclge_service_task+0xb0/0xb54 [hclge]\n[ 3078.475675] process_one_work+0x1dc/0x48c\n[ 3078.481888] worker_thread+0x15c/0x464\n[ 3078.487104] kthread+0x160/0x170\n[ 3078.492479] ret_from_fork+0x10/0x18\n[ 3078.498785] Code: c8027c81 35ffffa2 d50323bf d65f03c0 (d4210000)\n[ 3078.506889] ---[ end trace 8ebe0340a1b0fb44 ]---\n\nOnce hns3_nic_net_open() is excute success, the flag\nHNS3_NIC_STATE_DOWN will be cleared. So add checking for this\nflag, directly return when HNS3_NIC_STATE_DOWN is no set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47400",
"url": "https://www.suse.com/security/cve/CVE-2021-47400"
},
{
"category": "external",
"summary": "SUSE Bug 1225329 for CVE-2021-47400",
"url": "https://bugzilla.suse.com/1225329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47400"
},
{
"cve": "CVE-2021-47401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipack: ipoctal: fix stack information leak\n\nThe tty driver name is used also after registering the driver and must\nspecifically not be allocated on the stack to avoid leaking information\nto user space (or triggering an oops).\n\nDrivers should not try to encode topology information in the tty device\nname but this one snuck in through staging without anyone noticing and\nanother driver has since copied this malpractice.\n\nFixing the ABI is a separate issue, but this at least plugs the security\nhole.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47401",
"url": "https://www.suse.com/security/cve/CVE-2021-47401"
},
{
"category": "external",
"summary": "SUSE Bug 1225242 for CVE-2021-47401",
"url": "https://bugzilla.suse.com/1225242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47401"
},
{
"cve": "CVE-2021-47404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: fix slab-out-of-bounds Write in betop_probe\n\nSyzbot reported slab-out-of-bounds Write bug in hid-betopff driver.\nThe problem is the driver assumes the device must have an input report but\nsome malicious devices violate this assumption.\n\nSo this patch checks hid_device\u0027s input is non empty before it\u0027s been used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47404",
"url": "https://www.suse.com/security/cve/CVE-2021-47404"
},
{
"category": "external",
"summary": "SUSE Bug 1225303 for CVE-2021-47404",
"url": "https://bugzilla.suse.com/1225303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47404"
},
{
"cve": "CVE-2021-47409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47409"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47409",
"url": "https://www.suse.com/security/cve/CVE-2021-47409"
},
{
"category": "external",
"summary": "SUSE Bug 1225330 for CVE-2021-47409",
"url": "https://bugzilla.suse.com/1225330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47409"
},
{
"cve": "CVE-2021-47416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: mdio: fix memory leak\n\nSyzbot reported memory leak in MDIO bus interface, the problem was in\nwrong state logic.\n\nMDIOBUS_ALLOCATED indicates 2 states:\n\t1. Bus is only allocated\n\t2. Bus allocated and __mdiobus_register() fails, but\n\t device_register() was called\n\nIn case of device_register() has been called we should call put_device()\nto correctly free the memory allocated for this device, but mdiobus_free()\ncalls just kfree(dev) in case of MDIOBUS_ALLOCATED state\n\nTo avoid this behaviour we need to set bus-\u003estate to MDIOBUS_UNREGISTERED\n_before_ calling device_register(), because put_device() should be\ncalled even in case of device_register() failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47416",
"url": "https://www.suse.com/security/cve/CVE-2021-47416"
},
{
"category": "external",
"summary": "SUSE Bug 1225189 for CVE-2021-47416",
"url": "https://bugzilla.suse.com/1225189"
},
{
"category": "external",
"summary": "SUSE Bug 1225336 for CVE-2021-47416",
"url": "https://bugzilla.suse.com/1225336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47416"
},
{
"cve": "CVE-2021-47423",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47423"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/debugfs: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47423",
"url": "https://www.suse.com/security/cve/CVE-2021-47423"
},
{
"category": "external",
"summary": "SUSE Bug 1225366 for CVE-2021-47423",
"url": "https://bugzilla.suse.com/1225366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47423"
},
{
"cve": "CVE-2021-47424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47424"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n Trying to free already-free IRQ 266\n WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__free_irq+0x9a/0x300\n Call Trace:\n ? synchronize_irq+0x3a/0xa0\n free_irq+0x2e/0x60\n i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n i40e_probe.part.108+0x134b/0x1a40 [i40e]\n ? kmem_cache_alloc+0x158/0x1c0\n ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n ? acpi_ut_update_object_reference+0x15e/0x1e2\n ? strstr+0x21/0x70\n ? irq_get_irq_data+0xa/0x20\n ? mp_check_pin_attr+0x13/0xc0\n ? irq_get_irq_data+0xa/0x20\n ? mp_map_pin_to_irq+0xd3/0x2f0\n ? acpi_register_gsi_ioapic+0x93/0x170\n ? pci_conf1_read+0xa4/0x100\n ? pci_bus_read_config_word+0x49/0x70\n ? do_pci_enable_device+0xcc/0x100\n local_pci_probe+0x41/0x90\n work_for_cpu_fn+0x16/0x20\n process_one_work+0x1a7/0x360\n worker_thread+0x1cf/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x112/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47424",
"url": "https://www.suse.com/security/cve/CVE-2021-47424"
},
{
"category": "external",
"summary": "SUSE Bug 1225367 for CVE-2021-47424",
"url": "https://bugzilla.suse.com/1225367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47424"
},
{
"cve": "CVE-2021-47431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix gart.bo pin_count leak\n\ngmc_v{9,10}_0_gart_disable() isn\u0027t called matched with\ncorrespoding gart_enbale function in SRIOV case. This will\nlead to gart.bo pin_count leak on driver unload.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47431",
"url": "https://www.suse.com/security/cve/CVE-2021-47431"
},
{
"category": "external",
"summary": "SUSE Bug 1225390 for CVE-2021-47431",
"url": "https://bugzilla.suse.com/1225390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47431"
},
{
"cve": "CVE-2021-47435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1 task2\ndo_resume\n -\u003edo_suspend\n -\u003edm_wait_for_completion\n bio_endio\n\t\t\t\t -\u003eclone_endio\n\t\t\t\t -\u003edm_io_dec_pending\n\t\t\t\t -\u003eend_io_acct\n\t\t\t\t -\u003ewakeup task1\n -\u003edm_swap_table\n -\u003e__bind\n -\u003e__bind_mempools\n -\u003ebioset_exit\n -\u003emempool_exit\n -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47435",
"url": "https://www.suse.com/security/cve/CVE-2021-47435"
},
{
"category": "external",
"summary": "SUSE Bug 1225247 for CVE-2021-47435",
"url": "https://bugzilla.suse.com/1225247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47435"
},
{
"cve": "CVE-2021-47436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: dsps: Fix the probe error path\n\nCommit 7c75bde329d7 (\"usb: musb: musb_dsps: request_irq() after\ninitializing musb\") has inverted the calls to\ndsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without\nupdating correctly the error path. dsps_create_musb_pdev() allocates and\nregisters a new platform device which must be unregistered and freed\nwith platform_device_unregister(), and this is missing upon\ndsps_setup_optional_vbus_irq() error.\n\nWhile on the master branch it seems not to trigger any issue, I observed\na kernel crash because of a NULL pointer dereference with a v5.10.70\nstable kernel where the patch mentioned above was backported. With this\nkernel version, -EPROBE_DEFER is returned the first time\ndsps_setup_optional_vbus_irq() is called which triggers the probe to\nerror out without unregistering the platform device. Unfortunately, on\nthe Beagle Bone Black Wireless, the platform device still living in the\nsystem is being used by the USB Ethernet gadget driver, which during the\nboot phase triggers the crash.\n\nMy limited knowledge of the musb world prevents me to revert this commit\nwhich was sent to silence a robot warning which, as far as I understand,\ndoes not make sense. The goal of this patch was to prevent an IRQ to\nfire before the platform device being registered. I think this cannot\never happen due to the fact that enabling the interrupts is done by the\n-\u003eenable() callback of the platform musb device, and this platform\ndevice must be already registered in order for the core or any other\nuser to use this callback.\n\nHence, I decided to fix the error path, which might prevent future\nerrors on mainline kernels while also fixing older ones.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47436",
"url": "https://www.suse.com/security/cve/CVE-2021-47436"
},
{
"category": "external",
"summary": "SUSE Bug 1225244 for CVE-2021-47436",
"url": "https://bugzilla.suse.com/1225244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47436"
},
{
"cve": "CVE-2021-47456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_pci: peak_pci_remove(): fix UAF\n\nWhen remove the module peek_pci, referencing \u0027chan\u0027 again after\nreleasing \u0027dev\u0027 will cause UAF.\n\nFix this by releasing \u0027dev\u0027 later.\n\nThe following log reveals it:\n\n[ 35.961814 ] BUG: KASAN: use-after-free in peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.963414 ] Read of size 8 at addr ffff888136998ee8 by task modprobe/5537\n[ 35.965513 ] Call Trace:\n[ 35.965718 ] dump_stack_lvl+0xa8/0xd1\n[ 35.966028 ] print_address_description+0x87/0x3b0\n[ 35.966420 ] kasan_report+0x172/0x1c0\n[ 35.966725 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967137 ] ? trace_irq_enable_rcuidle+0x10/0x170\n[ 35.967529 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967945 ] __asan_report_load8_noabort+0x14/0x20\n[ 35.968346 ] peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.968752 ] pci_device_remove+0xa9/0x250",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47456",
"url": "https://www.suse.com/security/cve/CVE-2021-47456"
},
{
"category": "external",
"summary": "SUSE Bug 1225256 for CVE-2021-47456",
"url": "https://bugzilla.suse.com/1225256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47456"
},
{
"cve": "CVE-2021-47458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: mount fails with buffer overflow in strlen\n\nStarting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an\nocfs2 filesystem with either o2cb or pcmk cluster stack fails with the\ntrace below. Problem seems to be that strings for cluster stack and\ncluster name are not guaranteed to be null terminated in the disk\nrepresentation, while strlcpy assumes that the source string is always\nnull terminated. This causes a read outside of the source string\ntriggering the buffer overflow detection.\n\n detected buffer overflow in strlen\n ------------[ cut here ]------------\n kernel BUG at lib/string.c:1149!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 1 PID: 910 Comm: mount.ocfs2 Not tainted 5.14.0-1-amd64 #1\n Debian 5.14.6-2\n RIP: 0010:fortify_panic+0xf/0x11\n ...\n Call Trace:\n ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]\n ocfs2_fill_super+0x359/0x19b0 [ocfs2]\n mount_bdev+0x185/0x1b0\n legacy_get_tree+0x27/0x40\n vfs_get_tree+0x25/0xb0\n path_mount+0x454/0xa20\n __x64_sys_mount+0x103/0x140\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47458",
"url": "https://www.suse.com/security/cve/CVE-2021-47458"
},
{
"category": "external",
"summary": "SUSE Bug 1225252 for CVE-2021-47458",
"url": "https://bugzilla.suse.com/1225252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47458"
},
{
"cve": "CVE-2021-47460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47460"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption after conversion from inline format\n\nCommit 6dbf7bb55598 (\"fs: Don\u0027t invalidate page buffers in\nblock_write_full_page()\") uncovered a latent bug in ocfs2 conversion\nfrom inline inode format to a normal inode format.\n\nThe code in ocfs2_convert_inline_data_to_extents() attempts to zero out\nthe whole cluster allocated for file data by grabbing, zeroing, and\ndirtying all pages covering this cluster. However these pages are\nbeyond i_size, thus writeback code generally ignores these dirty pages\nand no blocks were ever actually zeroed on the disk.\n\nThis oversight was fixed by commit 693c241a5f6a (\"ocfs2: No need to zero\npages past i_size.\") for standard ocfs2 write path, inline conversion\npath was apparently forgotten; the commit log also has a reasoning why\nthe zeroing actually is not needed.\n\nAfter commit 6dbf7bb55598, things became worse as writeback code stopped\ninvalidating buffers on pages beyond i_size and thus these pages end up\nwith clean PageDirty bit but with buffers attached to these pages being\nstill dirty. So when a file is converted from inline format, then\nwriteback triggers, and then the file is grown so that these pages\nbecome valid, the invalid dirtiness state is preserved,\nmark_buffer_dirty() does nothing on these pages (buffers are already\ndirty) but page is never written back because it is clean. So data\nwritten to these pages is lost once pages are reclaimed.\n\nSimple reproducer for the problem is:\n\n xfs_io -f -c \"pwrite 0 2000\" -c \"pwrite 2000 2000\" -c \"fsync\" \\\n -c \"pwrite 4000 2000\" ocfs2_file\n\nAfter unmounting and mounting the fs again, you can observe that end of\n\u0027ocfs2_file\u0027 has lost its contents.\n\nFix the problem by not doing the pointless zeroing during conversion\nfrom inline format similarly as in the standard write path.\n\n[akpm@linux-foundation.org: fix whitespace, per Joseph]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47460",
"url": "https://www.suse.com/security/cve/CVE-2021-47460"
},
{
"category": "external",
"summary": "SUSE Bug 1225251 for CVE-2021-47460",
"url": "https://bugzilla.suse.com/1225251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47460"
},
{
"cve": "CVE-2021-47469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47469"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47469",
"url": "https://www.suse.com/security/cve/CVE-2021-47469"
},
{
"category": "external",
"summary": "SUSE Bug 1225347 for CVE-2021-47469",
"url": "https://bugzilla.suse.com/1225347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47469"
},
{
"cve": "CVE-2021-47472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47472"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47472",
"url": "https://www.suse.com/security/cve/CVE-2021-47472"
},
{
"category": "external",
"summary": "SUSE Bug 1225189 for CVE-2021-47472",
"url": "https://bugzilla.suse.com/1225189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47472"
},
{
"cve": "CVE-2021-47473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()\n\nCommit 8c0eb596baa5 (\"[SCSI] qla2xxx: Fix a memory leak in an error path of\nqla2x00_process_els()\"), intended to change:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_HST_ELS_NOLOGIN\n\n\n bsg_job-\u003erequest-\u003emsgcode != FC_BSG_RPT_ELS\n\nbut changed it to:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_RPT_ELS\n\ninstead.\n\nChange the == to a != to avoid leaking the fcport structure or freeing\nunallocated memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47473",
"url": "https://www.suse.com/security/cve/CVE-2021-47473"
},
{
"category": "external",
"summary": "SUSE Bug 1225192 for CVE-2021-47473",
"url": "https://bugzilla.suse.com/1225192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2021-47473"
},
{
"cve": "CVE-2021-47478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Fix out of bound access for corrupted isofs image\n\nWhen isofs image is suitably corrupted isofs_read_inode() can read data\nbeyond the end of buffer. Sanity-check the directory entry length before\nusing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47478",
"url": "https://www.suse.com/security/cve/CVE-2021-47478"
},
{
"category": "external",
"summary": "SUSE Bug 1225198 for CVE-2021-47478",
"url": "https://bugzilla.suse.com/1225198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47478"
},
{
"cve": "CVE-2021-47480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Put LLD module refcnt after SCSI device is released\n\nSCSI host release is triggered when SCSI device is freed. We have to make\nsure that the low-level device driver module won\u0027t be unloaded before SCSI\nhost instance is released because shost-\u003ehostt is required in the release\nhandler.\n\nMake sure to put LLD module refcnt after SCSI device is released.\n\nFixes a kernel panic of \u0027BUG: unable to handle page fault for address\u0027\nreported by Changhui and Yi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47480",
"url": "https://www.suse.com/security/cve/CVE-2021-47480"
},
{
"category": "external",
"summary": "SUSE Bug 1225322 for CVE-2021-47480",
"url": "https://bugzilla.suse.com/1225322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47480"
},
{
"cve": "CVE-2021-47483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: Fix possible double-free in regcache_rbtree_exit()\n\nIn regcache_rbtree_insert_to_block(), when \u0027present\u0027 realloc failed,\nthe \u0027blk\u0027 which is supposed to assign to \u0027rbnode-\u003eblock\u0027 will be freed,\nso \u0027rbnode-\u003eblock\u0027 points a freed memory, in the error handling path of\nregcache_rbtree_init(), \u0027rbnode-\u003eblock\u0027 will be freed again in\nregcache_rbtree_exit(), KASAN will report double-free as follows:\n\nBUG: KASAN: double-free or invalid-free in kfree+0xce/0x390\nCall Trace:\n slab_free_freelist_hook+0x10d/0x240\n kfree+0xce/0x390\n regcache_rbtree_exit+0x15d/0x1a0\n regcache_rbtree_init+0x224/0x2c0\n regcache_init+0x88d/0x1310\n __regmap_init+0x3151/0x4a80\n __devm_regmap_init+0x7d/0x100\n madera_spi_probe+0x10f/0x333 [madera_spi]\n spi_probe+0x183/0x210\n really_probe+0x285/0xc30\n\nTo fix this, moving up the assignment of rbnode-\u003eblock to immediately after\nthe reallocation has succeeded so that the data structure stays valid even\nif the second reallocation fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47483",
"url": "https://www.suse.com/security/cve/CVE-2021-47483"
},
{
"category": "external",
"summary": "SUSE Bug 1224907 for CVE-2021-47483",
"url": "https://bugzilla.suse.com/1224907"
},
{
"category": "external",
"summary": "SUSE Bug 1224908 for CVE-2021-47483",
"url": "https://bugzilla.suse.com/1224908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47483"
},
{
"cve": "CVE-2021-47485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47485"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields\n\nOverflowing either addrlimit or bytes_togo can allow userspace to trigger\na buffer overflow of kernel memory. Check for overflows in all the places\ndoing math on user controlled buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47485",
"url": "https://www.suse.com/security/cve/CVE-2021-47485"
},
{
"category": "external",
"summary": "SUSE Bug 1224904 for CVE-2021-47485",
"url": "https://bugzilla.suse.com/1224904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47485"
},
{
"cve": "CVE-2021-47495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: sanity check for maxpacket\n\nmaxpacket of 0 makes no sense and oopses as we need to divide\nby it. Give up.\n\nV2: fixed typo in log and stylistic issues",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47495",
"url": "https://www.suse.com/security/cve/CVE-2021-47495"
},
{
"category": "external",
"summary": "SUSE Bug 1225351 for CVE-2021-47495",
"url": "https://bugzilla.suse.com/1225351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47495"
},
{
"cve": "CVE-2021-47496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix flipped sign in tls_err_abort() calls\n\nsk-\u003esk_err appears to expect a positive value, a convention that ktls\ndoesn\u0027t always follow and that leads to memory corruption in other code.\nFor instance,\n\n [kworker]\n tls_encrypt_done(..., err=\u003cnegative error from crypto request\u003e)\n tls_err_abort(.., err)\n sk-\u003esk_err = err;\n\n [task]\n splice_from_pipe_feed\n ...\n tls_sw_do_sendpage\n if (sk-\u003esk_err) {\n ret = -sk-\u003esk_err; // ret is positive\n\n splice_from_pipe_feed (continued)\n ret = actor(...) // ret is still positive and interpreted as bytes\n // written, resulting in underflow of buf-\u003elen and\n // sd-\u003elen, leading to huge buf-\u003eoffset and bogus\n // addresses computed in later calls to actor()\n\nFix all tls_err_abort() callers to pass a negative error code\nconsistently and centralize the error-prone sign flip there, throwing in\na warning to catch future misuse and uninlining the function so it\nreally does only warn once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47496",
"url": "https://www.suse.com/security/cve/CVE-2021-47496"
},
{
"category": "external",
"summary": "SUSE Bug 1225354 for CVE-2021-47496",
"url": "https://bugzilla.suse.com/1225354"
},
{
"category": "external",
"summary": "SUSE Bug 1227656 for CVE-2021-47496",
"url": "https://bugzilla.suse.com/1227656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47496"
},
{
"cve": "CVE-2021-47497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47497"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: Fix shift-out-of-bound (UBSAN) with byte size cells\n\nIf a cell has \u0027nbits\u0027 equal to a multiple of BITS_PER_BYTE the logic\n\n *p \u0026= GENMASK((cell-\u003enbits%BITS_PER_BYTE) - 1, 0);\n\nwill become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we\nsubtract one from that making a large number that is then shifted more than the\nnumber of bits that fit into an unsigned long.\n\nUBSAN reports this problem:\n\n UBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8\n shift exponent 64 is too large for 64-bit type \u0027unsigned long\u0027\n CPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9\n Hardware name: Google Lazor (rev3+) with KB Backlight (DT)\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n dump_backtrace+0x0/0x170\n show_stack+0x24/0x30\n dump_stack_lvl+0x64/0x7c\n dump_stack+0x18/0x38\n ubsan_epilogue+0x10/0x54\n __ubsan_handle_shift_out_of_bounds+0x180/0x194\n __nvmem_cell_read+0x1ec/0x21c\n nvmem_cell_read+0x58/0x94\n nvmem_cell_read_variable_common+0x4c/0xb0\n nvmem_cell_read_variable_le_u32+0x40/0x100\n a6xx_gpu_init+0x170/0x2f4\n adreno_bind+0x174/0x284\n component_bind_all+0xf0/0x264\n msm_drm_bind+0x1d8/0x7a0\n try_to_bring_up_master+0x164/0x1ac\n __component_add+0xbc/0x13c\n component_add+0x20/0x2c\n dp_display_probe+0x340/0x384\n platform_probe+0xc0/0x100\n really_probe+0x110/0x304\n __driver_probe_device+0xb8/0x120\n driver_probe_device+0x4c/0xfc\n __device_attach_driver+0xb0/0x128\n bus_for_each_drv+0x90/0xdc\n __device_attach+0xc8/0x174\n device_initial_probe+0x20/0x2c\n bus_probe_device+0x40/0xa4\n deferred_probe_work_func+0x7c/0xb8\n process_one_work+0x128/0x21c\n process_scheduled_works+0x40/0x54\n worker_thread+0x1ec/0x2a8\n kthread+0x138/0x158\n ret_from_fork+0x10/0x20\n\nFix it by making sure there are any bits to mask out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47497",
"url": "https://www.suse.com/security/cve/CVE-2021-47497"
},
{
"category": "external",
"summary": "SUSE Bug 1225355 for CVE-2021-47497",
"url": "https://bugzilla.suse.com/1225355"
},
{
"category": "external",
"summary": "SUSE Bug 1227655 for CVE-2021-47497",
"url": "https://bugzilla.suse.com/1227655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47497"
},
{
"cve": "CVE-2021-47500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47500",
"url": "https://www.suse.com/security/cve/CVE-2021-47500"
},
{
"category": "external",
"summary": "SUSE Bug 1225360 for CVE-2021-47500",
"url": "https://bugzilla.suse.com/1225360"
},
{
"category": "external",
"summary": "SUSE Bug 1227698 for CVE-2021-47500",
"url": "https://bugzilla.suse.com/1227698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47500"
},
{
"cve": "CVE-2021-47506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix use-after-free due to delegation race\n\nA delegation break could arrive as soon as we\u0027ve called vfs_setlease. A\ndelegation break runs a callback which immediately (in\nnfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we\nthen exit nfs4_set_delegation without hashing the delegation, it will be\nfreed as soon as the callback is done with it, without ever being\nremoved from del_recall_lru.\n\nSymptoms show up later as use-after-free or list corruption warnings,\nusually in the laundromat thread.\n\nI suspect aba2072f4523 \"nfsd: grant read delegations to clients holding\nwrites\" made this bug easier to hit, but I looked as far back as v3.0\nand it looks to me it already had the same problem. So I\u0027m not sure\nwhere the bug was introduced; it may have been there from the beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47506",
"url": "https://www.suse.com/security/cve/CVE-2021-47506"
},
{
"category": "external",
"summary": "SUSE Bug 1225404 for CVE-2021-47506",
"url": "https://bugzilla.suse.com/1225404"
},
{
"category": "external",
"summary": "SUSE Bug 1227497 for CVE-2021-47506",
"url": "https://bugzilla.suse.com/1227497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47506"
},
{
"cve": "CVE-2021-47509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Limit the period size to 16MB\n\nSet the practical limit to the period size (the fragment shift in OSS)\ninstead of a full 31bit; a too large value could lead to the exhaust\nof memory as we allocate temporary buffers of the period size, too.\n\nAs of this patch, we set to 16MB limit, which should cover all use\ncases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47509",
"url": "https://www.suse.com/security/cve/CVE-2021-47509"
},
{
"category": "external",
"summary": "SUSE Bug 1225409 for CVE-2021-47509",
"url": "https://bugzilla.suse.com/1225409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47509"
},
{
"cve": "CVE-2021-47511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix negative period/buffer sizes\n\nThe period size calculation in OSS layer may receive a negative value\nas an error, but the code there assumes only the positive values and\nhandle them with size_t. Due to that, a too big value may be passed\nto the lower layers.\n\nThis patch changes the code to handle with ssize_t and adds the proper\nerror checks appropriately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47511",
"url": "https://www.suse.com/security/cve/CVE-2021-47511"
},
{
"category": "external",
"summary": "SUSE Bug 1225411 for CVE-2021-47511",
"url": "https://bugzilla.suse.com/1225411"
},
{
"category": "external",
"summary": "SUSE Bug 1227700 for CVE-2021-47511",
"url": "https://bugzilla.suse.com/1227700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47511"
},
{
"cve": "CVE-2021-47523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47523"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr\n\nThis buffer is currently allocated in hfi1_init():\n\n\tif (reinit)\n\t\tret = init_after_reset(dd);\n\telse\n\t\tret = loadtime_init(dd);\n\tif (ret)\n\t\tgoto done;\n\n\t/* allocate dummy tail memory for all receive contexts */\n\tdd-\u003ercvhdrtail_dummy_kvaddr = dma_alloc_coherent(\u0026dd-\u003epcidev-\u003edev,\n\t\t\t\t\t\t\t sizeof(u64),\n\t\t\t\t\t\t\t \u0026dd-\u003ercvhdrtail_dummy_dma,\n\t\t\t\t\t\t\t GFP_KERNEL);\n\n\tif (!dd-\u003ercvhdrtail_dummy_kvaddr) {\n\t\tdd_dev_err(dd, \"cannot allocate dummy tail memory\\n\");\n\t\tret = -ENOMEM;\n\t\tgoto done;\n\t}\n\nThe reinit triggered path will overwrite the old allocation and leak it.\n\nFix by moving the allocation to hfi1_alloc_devdata() and the deallocation\nto hfi1_free_devdata().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47523",
"url": "https://www.suse.com/security/cve/CVE-2021-47523"
},
{
"category": "external",
"summary": "SUSE Bug 1225438 for CVE-2021-47523",
"url": "https://bugzilla.suse.com/1225438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47523"
},
{
"cve": "CVE-2021-47541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()\n\nIn mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and\ntmp-\u003etx_cq will be freed on the error path of mlx4_en_copy_priv().\nAfter that mlx4_en_alloc_resources() is called and there is a dereference\nof \u0026tmp-\u003etx_cq[t][i] in mlx4_en_alloc_resources(), which could lead to\na use after free problem on failure of mlx4_en_copy_priv().\n\nFix this bug by adding a check of mlx4_en_copy_priv()\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_MLX4_EN=m show no new warnings,\nand our static analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47541",
"url": "https://www.suse.com/security/cve/CVE-2021-47541"
},
{
"category": "external",
"summary": "SUSE Bug 1225453 for CVE-2021-47541",
"url": "https://bugzilla.suse.com/1225453"
},
{
"category": "external",
"summary": "SUSE Bug 1225454 for CVE-2021-47541",
"url": "https://bugzilla.suse.com/1225454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2021-47541"
},
{
"cve": "CVE-2021-47548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()\n\nThe if statement:\n if (port \u003e= DSAF_GE_NUM)\n return;\n\nlimits the value of port less than DSAF_GE_NUM (i.e., 8).\nHowever, if the value of port is 6 or 7, an array overflow could occur:\n port_rst_off = dsaf_dev-\u003emac_cb[port]-\u003eport_rst_off;\n\nbecause the length of dsaf_dev-\u003emac_cb is DSAF_MAX_PORT_NUM (i.e., 6).\n\nTo fix this possible array overflow, we first check port and if it is\ngreater than or equal to DSAF_MAX_PORT_NUM, the function returns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47548",
"url": "https://www.suse.com/security/cve/CVE-2021-47548"
},
{
"category": "external",
"summary": "SUSE Bug 1225506 for CVE-2021-47548",
"url": "https://bugzilla.suse.com/1225506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47548"
},
{
"cve": "CVE-2021-47565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix kernel panic during drive powercycle test\n\nWhile looping over shost\u0027s sdev list it is possible that one\nof the drives is getting removed and its sas_target object is\nfreed but its sdev object remains intact.\n\nConsequently, a kernel panic can occur while the driver is trying to access\nthe sas_address field of sas_target object without also checking the\nsas_target object for NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47565",
"url": "https://www.suse.com/security/cve/CVE-2021-47565"
},
{
"category": "external",
"summary": "SUSE Bug 1225384 for CVE-2021-47565",
"url": "https://bugzilla.suse.com/1225384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2021-47565"
},
{
"cve": "CVE-2022-48686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix UAF when detecting digest errors\n\nWe should also bail from the io_work loop when we set rd_enabled to true,\nso we don\u0027t attempt to read data from the socket when the TCP stream is\nalready out-of-sync or corrupted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48686",
"url": "https://www.suse.com/security/cve/CVE-2022-48686"
},
{
"category": "external",
"summary": "SUSE Bug 1223948 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "external",
"summary": "SUSE Bug 1226337 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1226337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2022-48686"
},
{
"cve": "CVE-2022-48697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a use-after-free\n\nFix the following use-after-free complaint triggered by blktests nvme/004:\n\nBUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350\nRead of size 4 at addr 0000607bd1835943 by task kworker/13:1/460\nWorkqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\nCall Trace:\n show_stack+0x52/0x58\n dump_stack_lvl+0x49/0x5e\n print_report.cold+0x36/0x1e2\n kasan_report+0xb9/0xf0\n __asan_load4+0x6b/0x80\n blk_mq_complete_request_remote+0xac/0x350\n nvme_loop_queue_response+0x1df/0x275 [nvme_loop]\n __nvmet_req_complete+0x132/0x4f0 [nvmet]\n nvmet_req_complete+0x15/0x40 [nvmet]\n nvmet_execute_io_connect+0x18a/0x1f0 [nvmet]\n nvme_loop_execute_work+0x20/0x30 [nvme_loop]\n process_one_work+0x56e/0xa70\n worker_thread+0x2d1/0x640\n kthread+0x183/0x1c0\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48697",
"url": "https://www.suse.com/security/cve/CVE-2022-48697"
},
{
"category": "external",
"summary": "SUSE Bug 1223922 for CVE-2022-48697",
"url": "https://bugzilla.suse.com/1223922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2022-48697"
},
{
"cve": "CVE-2022-48704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: add a force flush to delay work when radeon\n\nAlthough radeon card fence and wait for gpu to finish processing current batch rings,\nthere is still a corner case that radeon lockup work queue may not be fully flushed,\nand meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to\nput device in D3hot state.\nPer PCI spec rev 4.0 on 5.3.1.4.1 D3hot State.\n\u003e Configuration and Message requests are the only TLPs accepted by a Function in\n\u003e the D3hot state. All other received Requests must be handled as Unsupported Requests,\n\u003e and all received Completions may optionally be handled as Unexpected Completions.\nThis issue will happen in following logs:\nUnable to handle kernel paging request at virtual address 00008800e0008010\nCPU 0 kworker/0:3(131): Oops 0\npc = [\u003cffffffff811bea5c\u003e] ra = [\u003cffffffff81240844\u003e] ps = 0000 Tainted: G W\npc is at si_gpu_check_soft_reset+0x3c/0x240\nra is at si_dma_is_lockup+0x34/0xd0\nv0 = 0000000000000000 t0 = fff08800e0008010 t1 = 0000000000010000\nt2 = 0000000000008010 t3 = fff00007e3c00000 t4 = fff00007e3c00258\nt5 = 000000000000ffff t6 = 0000000000000001 t7 = fff00007ef078000\ns0 = fff00007e3c016e8 s1 = fff00007e3c00000 s2 = fff00007e3c00018\ns3 = fff00007e3c00000 s4 = fff00007fff59d80 s5 = 0000000000000000\ns6 = fff00007ef07bd98\na0 = fff00007e3c00000 a1 = fff00007e3c016e8 a2 = 0000000000000008\na3 = 0000000000000001 a4 = 8f5c28f5c28f5c29 a5 = ffffffff810f4338\nt8 = 0000000000000275 t9 = ffffffff809b66f8 t10 = ff6769c5d964b800\nt11= 000000000000b886 pv = ffffffff811bea20 at = 0000000000000000\ngp = ffffffff81d89690 sp = 00000000aa814126\nDisabling lock debugging due to kernel taint\nTrace:\n[\u003cffffffff81240844\u003e] si_dma_is_lockup+0x34/0xd0\n[\u003cffffffff81119610\u003e] radeon_fence_check_lockup+0xd0/0x290\n[\u003cffffffff80977010\u003e] process_one_work+0x280/0x550\n[\u003cffffffff80977350\u003e] worker_thread+0x70/0x7c0\n[\u003cffffffff80977410\u003e] worker_thread+0x130/0x7c0\n[\u003cffffffff80982040\u003e] kthread+0x200/0x210\n[\u003cffffffff809772e0\u003e] worker_thread+0x0/0x7c0\n[\u003cffffffff80981f8c\u003e] kthread+0x14c/0x210\n[\u003cffffffff80911658\u003e] ret_from_kernel_thread+0x18/0x20\n[\u003cffffffff80981e40\u003e] kthread+0x0/0x210\n Code: ad3e0008 43f0074a ad7e0018 ad9e0020 8c3001e8 40230101\n \u003c88210000\u003e 4821ed21\nSo force lockup work queue flush to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48704",
"url": "https://www.suse.com/security/cve/CVE-2022-48704"
},
{
"category": "external",
"summary": "SUSE Bug 1223932 for CVE-2022-48704",
"url": "https://bugzilla.suse.com/1223932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2022-48704"
},
{
"cve": "CVE-2022-48708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference\n\nAdded checking of pointer \"function\" in pcs_set_mux().\npinmux_generic_get_function() can return NULL and the pointer\n\"function\" was dereferenced without checking against NULL.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48708",
"url": "https://www.suse.com/security/cve/CVE-2022-48708"
},
{
"category": "external",
"summary": "SUSE Bug 1224942 for CVE-2022-48708",
"url": "https://bugzilla.suse.com/1224942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2022-48708"
},
{
"cve": "CVE-2022-48710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix a possible null pointer dereference\n\nIn radeon_fp_native_mode(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.\n\nThe failure status of drm_cvt_mode() on the other path is checked too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48710",
"url": "https://www.suse.com/security/cve/CVE-2022-48710"
},
{
"category": "external",
"summary": "SUSE Bug 1225230 for CVE-2022-48710",
"url": "https://bugzilla.suse.com/1225230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2022-48710"
},
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-1829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1829"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1829",
"url": "https://www.suse.com/security/cve/CVE-2023-1829"
},
{
"category": "external",
"summary": "SUSE Bug 1210335 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "external",
"summary": "SUSE Bug 1210619 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1220886 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1220886"
},
{
"category": "external",
"summary": "SUSE Bug 1228311 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1228311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2023-1829"
},
{
"cve": "CVE-2023-42755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-42755"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-42755",
"url": "https://www.suse.com/security/cve/CVE-2023-42755"
},
{
"category": "external",
"summary": "SUSE Bug 1215702 for CVE-2023-42755",
"url": "https://bugzilla.suse.com/1215702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-42755"
},
{
"cve": "CVE-2023-47233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47233"
}
],
"notes": [
{
"category": "general",
"text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47233",
"url": "https://www.suse.com/security/cve/CVE-2023-47233"
},
{
"category": "external",
"summary": "SUSE Bug 1216702 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-52527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()\n\nIncluding the transhdrlen in length is a problem when the packet is\npartially filled (e.g. something like send(MSG_MORE) happened previously)\nwhen appending to an IPv4 or IPv6 packet as we don\u0027t want to repeat the\ntransport header or account for it twice. This can happen under some\ncircumstances, such as splicing into an L2TP socket.\n\nThe symptom observed is a warning in __ip6_append_data():\n\n WARNING: CPU: 1 PID: 5042 at net/ipv6/ip6_output.c:1800 __ip6_append_data.isra.0+0x1be8/0x47f0 net/ipv6/ip6_output.c:1800\n\nthat occurs when MSG_SPLICE_PAGES is used to append more data to an already\npartially occupied skbuff. The warning occurs when \u0027copy\u0027 is larger than\nthe amount of data in the message iterator. This is because the requested\nlength includes the transport header length when it shouldn\u0027t. This can be\ntriggered by, for example:\n\n sfd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_L2TP);\n bind(sfd, ...); // ::1\n connect(sfd, ...); // ::1 port 7\n send(sfd, buffer, 4100, MSG_MORE);\n sendfile(sfd, dfd, NULL, 1024);\n\nFix this by only adding transhdrlen into the length if the write queue is\nempty in l2tp_ip6_sendmsg(), analogously to how UDP does things.\n\nl2tp_ip_sendmsg() looks like it won\u0027t suffer from this problem as it builds\nthe UDP packet itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52527",
"url": "https://www.suse.com/security/cve/CVE-2023-52527"
},
{
"category": "external",
"summary": "SUSE Bug 1220928 for CVE-2023-52527",
"url": "https://bugzilla.suse.com/1220928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52527"
},
{
"cve": "CVE-2023-52586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52586"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add mutex lock in control vblank irq\n\nAdd a mutex lock to control vblank irq to synchronize vblank\nenable/disable operations happening from different threads to prevent\nrace conditions while registering/unregistering the vblank irq callback.\n\nv4: -Removed vblank_ctl_lock from dpu_encoder_virt, so it is only a\n parameter of dpu_encoder_phys.\n -Switch from atomic refcnt to a simple int counter as mutex has\n now been added\nv3: Mistakenly did not change wording in last version. It is done now.\nv2: Slightly changed wording of commit message\n\nPatchwork: https://patchwork.freedesktop.org/patch/571854/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52586",
"url": "https://www.suse.com/security/cve/CVE-2023-52586"
},
{
"category": "external",
"summary": "SUSE Bug 1221081 for CVE-2023-52586",
"url": "https://bugzilla.suse.com/1221081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52586"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: aqc111: check packet for fixup for true limit\n\nIf a device sends a packet that is inbetween 0\nand sizeof(u64) the value passed to skb_trim()\nas length will wrap around ending up as some very\nlarge value.\n\nThe driver will then proceed to parse the header\nlocated at that position, which will either oops or\nprocess some random value.\n\nThe fix is to check against sizeof(u64) rather than\n0, which the driver currently does. The issue exists\nsince the introduction of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52655",
"url": "https://www.suse.com/security/cve/CVE-2023-52655"
},
{
"category": "external",
"summary": "SUSE Bug 1217169 for CVE-2023-52655",
"url": "https://bugzilla.suse.com/1217169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: eliminate double free in error handling logic\n\nDriver has a logic leak in ring data allocation/free,\nwhere aq_ring_free could be called multiple times on same ring,\nif system is under stress and got memory allocation error.\n\nRing pointer was used as an indicator of failure, but this is\nnot correct since only ring data is allocated/deallocated.\nRing itself is an array member.\n\nChanging ring allocation functions to return error code directly.\nThis simplifies error handling and eliminates aq_ring_free\non higher layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52664",
"url": "https://www.suse.com/security/cve/CVE-2023-52664"
},
{
"category": "external",
"summary": "SUSE Bug 1224747 for CVE-2023-52664",
"url": "https://bugzilla.suse.com/1224747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52664"
},
{
"cve": "CVE-2023-52685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52685"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52685",
"url": "https://www.suse.com/security/cve/CVE-2023-52685"
},
{
"category": "external",
"summary": "SUSE Bug 1224728 for CVE-2023-52685",
"url": "https://bugzilla.suse.com/1224728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52685"
},
{
"cve": "CVE-2023-52686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_event_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52686",
"url": "https://www.suse.com/security/cve/CVE-2023-52686"
},
{
"category": "external",
"summary": "SUSE Bug 1224682 for CVE-2023-52686",
"url": "https://bugzilla.suse.com/1224682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev-\u003epm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52691",
"url": "https://www.suse.com/security/cve/CVE-2023-52691"
},
{
"category": "external",
"summary": "SUSE Bug 1224607 for CVE-2023-52691",
"url": "https://bugzilla.suse.com/1224607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52691"
},
{
"cve": "CVE-2023-52696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_powercap_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52696",
"url": "https://www.suse.com/security/cve/CVE-2023-52696"
},
{
"category": "external",
"summary": "SUSE Bug 1224601 for CVE-2023-52696",
"url": "https://bugzilla.suse.com/1224601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52696"
},
{
"cve": "CVE-2023-52698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: fix memory leak in netlbl_calipso_add_pass()\n\nIf IPv6 support is disabled at boot (ipv6.disable=1),\nthe calipso_init() -\u003e netlbl_calipso_ops_register() function isn\u0027t called,\nand the netlbl_calipso_ops_get() function always returns NULL.\nIn this case, the netlbl_calipso_add_pass() function allocates memory\nfor the doi_def variable but doesn\u0027t free it with the calipso_doi_free().\n\nBUG: memory leak\nunreferenced object 0xffff888011d68180 (size 64):\n comm \"syz-executor.1\", pid 10746, jiffies 4295410986 (age 17.928s)\n hex dump (first 32 bytes):\n 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c...\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c...\u003e] netlbl_calipso_add_pass net/netlabel/netlabel_calipso.c:76 [inline]\n [\u003c...\u003e] netlbl_calipso_add+0x22e/0x4f0 net/netlabel/netlabel_calipso.c:111\n [\u003c...\u003e] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n [\u003c...\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [\u003c...\u003e] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n [\u003c...\u003e] netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2515\n [\u003c...\u003e] genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n [\u003c...\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [\u003c...\u003e] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1339\n [\u003c...\u003e] netlink_sendmsg+0x90a/0xdf0 net/netlink/af_netlink.c:1934\n [\u003c...\u003e] sock_sendmsg_nosec net/socket.c:651 [inline]\n [\u003c...\u003e] sock_sendmsg+0x157/0x190 net/socket.c:671\n [\u003c...\u003e] ____sys_sendmsg+0x712/0x870 net/socket.c:2342\n [\u003c...\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2396\n [\u003c...\u003e] __sys_sendmsg+0xea/0x1b0 net/socket.c:2429\n [\u003c...\u003e] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [\u003c...\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller\n\n[PM: merged via the LSM tree at Jakub Kicinski request]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52698",
"url": "https://www.suse.com/security/cve/CVE-2023-52698"
},
{
"category": "external",
"summary": "SUSE Bug 1224621 for CVE-2023-52698",
"url": "https://bugzilla.suse.com/1224621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52698"
},
{
"cve": "CVE-2023-52703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/usb: kalmia: Don\u0027t pass act_len in usb_bulk_msg error path\n\nsyzbot reported that act_len in kalmia_send_init_packet() is\nuninitialized when passing it to the first usb_bulk_msg error path. Jiri\nPirko noted that it\u0027s pointless to pass it in the error path, and that\nthe value that would be printed in the second error path would be the\nvalue of act_len from the first call to usb_bulk_msg.[1]\n\nWith this in mind, let\u0027s just not pass act_len to the usb_bulk_msg error\npaths.\n\n1: https://lore.kernel.org/lkml/Y9pY61y1nwTuzMOa@nanopsycho/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52703",
"url": "https://www.suse.com/security/cve/CVE-2023-52703"
},
{
"category": "external",
"summary": "SUSE Bug 1225549 for CVE-2023-52703",
"url": "https://bugzilla.suse.com/1225549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2023-52703"
},
{
"cve": "CVE-2023-52730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won\u0027t call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of \u0027card-\u003edev\u0027 is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c000000002f839ccb\u003e] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [\u003c0000000004adcbf6\u003e] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [\u003c000000007538fea0\u003e] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c00000000fcbe706c\u003e] sdio_alloc_func+0x35/0x100 [mmc_core]\n [\u003c00000000c68f4b50\u003e] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52730",
"url": "https://www.suse.com/security/cve/CVE-2023-52730"
},
{
"category": "external",
"summary": "SUSE Bug 1224956 for CVE-2023-52730",
"url": "https://bugzilla.suse.com/1224956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52730"
},
{
"cve": "CVE-2023-52732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: blocklist the kclient when receiving corrupted snap trace\n\nWhen received corrupted snap trace we don\u0027t know what exactly has\nhappened in MDS side. And we shouldn\u0027t continue IOs and metadatas\naccess to MDS, which may corrupt or get incorrect contents.\n\nThis patch will just block all the further IO/MDS requests\nimmediately and then evict the kclient itself.\n\nThe reason why we still need to evict the kclient just after\nblocking all the further IOs is that the MDS could revoke the caps\nfaster.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52732",
"url": "https://www.suse.com/security/cve/CVE-2023-52732"
},
{
"category": "external",
"summary": "SUSE Bug 1225222 for CVE-2023-52732",
"url": "https://bugzilla.suse.com/1225222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52732"
},
{
"cve": "CVE-2023-52741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix use-after-free in rdata-\u003eread_into_pages()\n\nWhen the network status is unstable, use-after-free may occur when\nread data from the server.\n\n BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7e0\n\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x38/0x4c\n print_report+0x16f/0x4a6\n kasan_report+0xb7/0x130\n readpages_fill_pages+0x14c/0x7e0\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n \u003c/TASK\u003e\n\n Allocated by task 2535:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n __kasan_kmalloc+0x82/0x90\n cifs_readdata_direct_alloc+0x2c/0x110\n cifs_readdata_alloc+0x2d/0x60\n cifs_readahead+0x393/0xfe0\n read_pages+0x12f/0x470\n page_cache_ra_unbounded+0x1b1/0x240\n filemap_get_pages+0x1c8/0x9a0\n filemap_read+0x1c0/0x540\n cifs_strict_readv+0x21b/0x240\n vfs_read+0x395/0x4b0\n ksys_read+0xb8/0x150\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\n Freed by task 79:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n kasan_save_free_info+0x2e/0x50\n __kasan_slab_free+0x10e/0x1a0\n __kmem_cache_free+0x7a/0x1a0\n cifs_readdata_release+0x49/0x60\n process_one_work+0x46c/0x760\n worker_thread+0x2a4/0x6f0\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\n Last potentially related work creation:\n kasan_save_stack+0x22/0x50\n __kasan_record_aux_stack+0x95/0xb0\n insert_work+0x2b/0x130\n __queue_work+0x1fe/0x660\n queue_work_on+0x4b/0x60\n smb2_readv_callback+0x396/0x800\n cifs_abort_connection+0x474/0x6a0\n cifs_reconnect+0x5cb/0xa50\n cifs_readv_from_socket.cold+0x22/0x6c\n cifs_read_page_from_socket+0xc1/0x100\n readpages_fill_pages.cold+0x2f/0x46\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\nThe following function calls will cause UAF of the rdata pointer.\n\nreadpages_fill_pages\n cifs_read_page_from_socket\n cifs_readv_from_socket\n cifs_reconnect\n __cifs_reconnect\n cifs_abort_connection\n mid-\u003ecallback() --\u003e smb2_readv_callback\n queue_work(\u0026rdata-\u003ework) # if the worker completes first,\n # the rdata is freed\n cifs_readv_complete\n kref_put\n cifs_readdata_release\n kfree(rdata)\n return rdata-\u003e... # UAF in readpages_fill_pages()\n\nSimilarly, this problem also occurs in the uncache_fill_pages().\n\nFix this by adjusts the order of condition judgment in the return\nstatement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52741",
"url": "https://www.suse.com/security/cve/CVE-2023-52741"
},
{
"category": "external",
"summary": "SUSE Bug 1225479 for CVE-2023-52741",
"url": "https://bugzilla.suse.com/1225479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52741"
},
{
"cve": "CVE-2023-52742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: USB: Fix wrong-direction WARNING in plusb.c\n\nThe syzbot fuzzer detected a bug in the plusb network driver: A\nzero-length control-OUT transfer was treated as a read instead of a\nwrite. In modern kernels this error provokes a WARNING:\n\nusb 1-1: BOGUS control dir, pipe 80000280 doesn\u0027t match bRequestType c0\nWARNING: CPU: 0 PID: 4645 at drivers/usb/core/urb.c:411\nusb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\nModules linked in:\nCPU: 1 PID: 4645 Comm: dhcpcd Not tainted\n6.2.0-rc6-syzkaller-00050-g9f266ccaa2f5 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google\n01/12/2023\nRIP: 0010:usb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x101/0x4b0 drivers/usb/core/message.c:58\n usb_internal_control_msg drivers/usb/core/message.c:102 [inline]\n usb_control_msg+0x320/0x4a0 drivers/usb/core/message.c:153\n __usbnet_read_cmd+0xb9/0x390 drivers/net/usb/usbnet.c:2010\n usbnet_read_cmd+0x96/0xf0 drivers/net/usb/usbnet.c:2068\n pl_vendor_req drivers/net/usb/plusb.c:60 [inline]\n pl_set_QuickLink_features drivers/net/usb/plusb.c:75 [inline]\n pl_reset+0x2f/0xf0 drivers/net/usb/plusb.c:85\n usbnet_open+0xcc/0x5d0 drivers/net/usb/usbnet.c:889\n __dev_open+0x297/0x4d0 net/core/dev.c:1417\n __dev_change_flags+0x587/0x750 net/core/dev.c:8530\n dev_change_flags+0x97/0x170 net/core/dev.c:8602\n devinet_ioctl+0x15a2/0x1d70 net/ipv4/devinet.c:1147\n inet_ioctl+0x33f/0x380 net/ipv4/af_inet.c:979\n sock_do_ioctl+0xcc/0x230 net/socket.c:1169\n sock_ioctl+0x1f8/0x680 net/socket.c:1286\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe fix is to call usbnet_write_cmd() instead of usbnet_read_cmd() and\nremove the USB_DIR_IN flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52742",
"url": "https://www.suse.com/security/cve/CVE-2023-52742"
},
{
"category": "external",
"summary": "SUSE Bug 1225482 for CVE-2023-52742",
"url": "https://bugzilla.suse.com/1225482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52742"
},
{
"cve": "CVE-2023-52747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Restore allocated resources on failed copyout\n\nFix a resource leak if an error occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52747",
"url": "https://www.suse.com/security/cve/CVE-2023-52747"
},
{
"category": "external",
"summary": "SUSE Bug 1224931 for CVE-2023-52747",
"url": "https://bugzilla.suse.com/1224931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52747"
},
{
"cve": "CVE-2023-52759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52759"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52759",
"url": "https://www.suse.com/security/cve/CVE-2023-52759"
},
{
"category": "external",
"summary": "SUSE Bug 1225560 for CVE-2023-52759",
"url": "https://bugzilla.suse.com/1225560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52759"
},
{
"cve": "CVE-2023-52774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52774"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52774",
"url": "https://www.suse.com/security/cve/CVE-2023-52774"
},
{
"category": "external",
"summary": "SUSE Bug 1225572 for CVE-2023-52774",
"url": "https://bugzilla.suse.com/1225572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction \u0027usb_get_bos_descriptor()\u0027 encounters an iteration issue when\nskipping the \u0027USB_DT_DEVICE_CAPABILITY\u0027 descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a \u0027goto\u0027 statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52781",
"url": "https://www.suse.com/security/cve/CVE-2023-52781"
},
{
"category": "external",
"summary": "SUSE Bug 1225092 for CVE-2023-52781",
"url": "https://bugzilla.suse.com/1225092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52781"
},
{
"cve": "CVE-2023-52796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 \u003c41\u003e 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003c#DF\u003e\n\u003c/#DF\u003e\n\u003cTASK\u003e\n[\u003cffffffff81f281d1\u003e] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[\u003cffffffff817e5bf2\u003e] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[\u003cffffffff817e5bf2\u003e] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[\u003cffffffff817e5bf2\u003e] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[\u003cffffffff817e5bf2\u003e] cpu_online include/linux/cpumask.h:1092 [inline]\n[\u003cffffffff817e5bf2\u003e] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[\u003cffffffff817e5bf2\u003e] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[\u003cffffffff8563221e\u003e] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[\u003cffffffff8561464d\u003e] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[\u003cffffffff8561464d\u003e] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[\u003cffffffff85618120\u003e] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[\u003cffffffff856f65b5\u003e] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[\u003cffffffff856f65b5\u003e] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[\u003cffffffff85618009\u003e] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[\u003cffffffff8561821a\u003e] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[\u003cffffffff838bd5a3\u003e] ip6_route_output include/net/ip6_route.h:100 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[\u003cffffffff838c2909\u003e] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[\u003cffffffff84d03900\u003e] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[\u003cffffffff84d03900\u003e] xmit_one net/core/dev.c:3644 [inline]\n[\u003cffffffff84d03900\u003e] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[\u003cffffffff84d080e2\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff855ce4cd\u003e] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[\u003cffffffff855ce4cd\u003e] neigh_hh_output include/net/neighbour.h:529 [inline]\n[\u003cf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52796",
"url": "https://www.suse.com/security/cve/CVE-2023-52796"
},
{
"category": "external",
"summary": "SUSE Bug 1224930 for CVE-2023-52796",
"url": "https://bugzilla.suse.com/1224930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52796"
},
{
"cve": "CVE-2023-52803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[ 250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[ 250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[ 250.500549] Workqueue: events rpc_free_client_work\n[ 250.501001] Call Trace:\n[ 250.502880] kasan_report+0xb6/0xf0\n[ 250.503209] ? dget_parent+0x195/0x200\n[ 250.503561] dget_parent+0x195/0x200\n[ 250.503897] ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[ 250.504384] rpc_rmdir_depopulate+0x1b/0x90\n[ 250.504781] rpc_remove_client_dir+0xf5/0x150\n[ 250.505195] rpc_free_client_work+0xe4/0x230\n[ 250.505598] process_one_work+0x8ee/0x13b0\n...\n[ 22.039056] Allocated by task 244:\n[ 22.039390] kasan_save_stack+0x22/0x50\n[ 22.039758] kasan_set_track+0x25/0x30\n[ 22.040109] __kasan_slab_alloc+0x59/0x70\n[ 22.040487] kmem_cache_alloc_lru+0xf0/0x240\n[ 22.040889] __d_alloc+0x31/0x8e0\n[ 22.041207] d_alloc+0x44/0x1f0\n[ 22.041514] __rpc_lookup_create_exclusive+0x11c/0x140\n[ 22.041987] rpc_mkdir_populate.constprop.0+0x5f/0x110\n[ 22.042459] rpc_create_client_dir+0x34/0x150\n[ 22.042874] rpc_setup_pipedir_sb+0x102/0x1c0\n[ 22.043284] rpc_client_register+0x136/0x4e0\n[ 22.043689] rpc_new_client+0x911/0x1020\n[ 22.044057] rpc_create_xprt+0xcb/0x370\n[ 22.044417] rpc_create+0x36b/0x6c0\n...\n[ 22.049524] Freed by task 0:\n[ 22.049803] kasan_save_stack+0x22/0x50\n[ 22.050165] kasan_set_track+0x25/0x30\n[ 22.050520] kasan_save_free_info+0x2b/0x50\n[ 22.050921] __kasan_slab_free+0x10e/0x1a0\n[ 22.051306] kmem_cache_free+0xa5/0x390\n[ 22.051667] rcu_core+0x62c/0x1930\n[ 22.051995] __do_softirq+0x165/0x52a\n[ 22.052347]\n[ 22.052503] Last potentially related work creation:\n[ 22.052952] kasan_save_stack+0x22/0x50\n[ 22.053313] __kasan_record_aux_stack+0x8e/0xa0\n[ 22.053739] __call_rcu_common.constprop.0+0x6b/0x8b0\n[ 22.054209] dentry_free+0xb2/0x140\n[ 22.054540] __dentry_kill+0x3be/0x540\n[ 22.054900] shrink_dentry_list+0x199/0x510\n[ 22.055293] shrink_dcache_parent+0x190/0x240\n[ 22.055703] do_one_tree+0x11/0x40\n[ 22.056028] shrink_dcache_for_umount+0x61/0x140\n[ 22.056461] generic_shutdown_super+0x70/0x590\n[ 22.056879] kill_anon_super+0x3a/0x60\n[ 22.057234] rpc_kill_sb+0x121/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52803",
"url": "https://www.suse.com/security/cve/CVE-2023-52803"
},
{
"category": "external",
"summary": "SUSE Bug 1225008 for CVE-2023-52803",
"url": "https://bugzilla.suse.com/1225008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52803"
},
{
"cve": "CVE-2023-52821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel: fix a possible null pointer dereference\n\nIn versatile_panel_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52821",
"url": "https://www.suse.com/security/cve/CVE-2023-52821"
},
{
"category": "external",
"summary": "SUSE Bug 1225022 for CVE-2023-52821",
"url": "https://bugzilla.suse.com/1225022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52821"
},
{
"cve": "CVE-2023-52864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp-\u003eprivate_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52864",
"url": "https://www.suse.com/security/cve/CVE-2023-52864"
},
{
"category": "external",
"summary": "SUSE Bug 1225132 for CVE-2023-52864",
"url": "https://bugzilla.suse.com/1225132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52864"
},
{
"cve": "CVE-2023-52865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52865",
"url": "https://www.suse.com/security/cve/CVE-2023-52865"
},
{
"category": "external",
"summary": "SUSE Bug 1225086 for CVE-2023-52865",
"url": "https://bugzilla.suse.com/1225086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52865"
},
{
"cve": "CVE-2023-52867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: possible buffer overflow\n\nBuffer \u0027afmt_status\u0027 of size 6 could overflow, since index \u0027afmt_idx\u0027 is\nchecked after access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52867",
"url": "https://www.suse.com/security/cve/CVE-2023-52867"
},
{
"category": "external",
"summary": "SUSE Bug 1225009 for CVE-2023-52867",
"url": "https://bugzilla.suse.com/1225009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52867"
},
{
"cve": "CVE-2023-52875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52875",
"url": "https://www.suse.com/security/cve/CVE-2023-52875"
},
{
"category": "external",
"summary": "SUSE Bug 1225096 for CVE-2023-52875",
"url": "https://bugzilla.suse.com/1225096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-52875"
},
{
"cve": "CVE-2023-52880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc\n\nAny unprivileged user can attach N_GSM0710 ldisc, but it requires\nCAP_NET_ADMIN to create a GSM network anyway.\n\nRequire initial namespace CAP_NET_ADMIN to do that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52880",
"url": "https://www.suse.com/security/cve/CVE-2023-52880"
},
{
"category": "external",
"summary": "SUSE Bug 1222619 for CVE-2023-52880",
"url": "https://bugzilla.suse.com/1222619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2023-52880"
},
{
"cve": "CVE-2024-26625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26625"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: call sock_orphan() at release time\n\nsyzbot reported an interesting trace [1] caused by a stale sk-\u003esk_wq\npointer in a closed llc socket.\n\nIn commit ff7b11aa481f (\"net: socket: set sock-\u003esk to NULL after\ncalling proto_ops::release()\") Eric Biggers hinted that some protocols\nare missing a sock_orphan(), we need to perform a full audit.\n\nIn net-next, I plan to clear sock-\u003esk from sock_orphan() and\namend Eric patch to add a warning.\n\n[1]\n BUG: KASAN: slab-use-after-free in list_empty include/linux/list.h:373 [inline]\n BUG: KASAN: slab-use-after-free in waitqueue_active include/linux/wait.h:127 [inline]\n BUG: KASAN: slab-use-after-free in sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n BUG: KASAN: slab-use-after-free in sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\nRead of size 8 at addr ffff88802f4fc880 by task ksoftirqd/1/27\n\nCPU: 1 PID: 27 Comm: ksoftirqd/1 Not tainted 6.8.0-rc1-syzkaller-00049-g6098d87eaf31 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc4/0x620 mm/kasan/report.c:488\n kasan_report+0xda/0x110 mm/kasan/report.c:601\n list_empty include/linux/list.h:373 [inline]\n waitqueue_active include/linux/wait.h:127 [inline]\n sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\n skb_release_head_state+0xa3/0x2b0 net/core/skbuff.c:1080\n skb_release_all net/core/skbuff.c:1092 [inline]\n napi_consume_skb+0x119/0x2b0 net/core/skbuff.c:1404\n e1000_unmap_and_free_tx_resource+0x144/0x200 drivers/net/ethernet/intel/e1000/e1000_main.c:1970\n e1000_clean_tx_irq drivers/net/ethernet/intel/e1000/e1000_main.c:3860 [inline]\n e1000_clean+0x4a1/0x26e0 drivers/net/ethernet/intel/e1000/e1000_main.c:3801\n __napi_poll.constprop.0+0xb4/0x540 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x956/0xe90 net/core/dev.c:6778\n __do_softirq+0x21a/0x8de kernel/softirq.c:553\n run_ksoftirqd kernel/softirq.c:921 [inline]\n run_ksoftirqd+0x31/0x60 kernel/softirq.c:913\n smpboot_thread_fn+0x660/0xa10 kernel/smpboot.c:164\n kthread+0x2c6/0x3a0 kernel/kthread.c:388\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n \u003c/TASK\u003e\n\nAllocated by task 5167:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:314 [inline]\n __kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:340\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3813 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_lru+0x142/0x6f0 mm/slub.c:3879\n alloc_inode_sb include/linux/fs.h:3019 [inline]\n sock_alloc_inode+0x25/0x1c0 net/socket.c:308\n alloc_inode+0x5d/0x220 fs/inode.c:260\n new_inode_pseudo+0x16/0x80 fs/inode.c:1005\n sock_alloc+0x40/0x270 net/socket.c:634\n __sock_create+0xbc/0x800 net/socket.c:1535\n sock_create net/socket.c:1622 [inline]\n __sys_socket_create net/socket.c:1659 [inline]\n __sys_socket+0x14c/0x260 net/socket.c:1706\n __do_sys_socket net/socket.c:1720 [inline]\n __se_sys_socket net/socket.c:1718 [inline]\n __x64_sys_socket+0x72/0xb0 net/socket.c:1718\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd3/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 0:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3f/0x60 mm/kasan/generic.c:640\n poison_slab_object mm/kasan/common.c:241 [inline]\n __kasan_slab_free+0x121/0x1b0 mm/kasan/common.c:257\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2121 [inlin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26625",
"url": "https://www.suse.com/security/cve/CVE-2024-26625"
},
{
"category": "external",
"summary": "SUSE Bug 1221086 for CVE-2024-26625",
"url": "https://bugzilla.suse.com/1221086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26625"
},
{
"cve": "CVE-2024-26752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: pass correct message length to ip6_append_data\n\nl2tp_ip6_sendmsg needs to avoid accounting for the transport header\ntwice when splicing more data into an already partially-occupied skbuff.\n\nTo manage this, we check whether the skbuff contains data using\nskb_queue_empty when deciding how much data to append using\nip6_append_data.\n\nHowever, the code which performed the calculation was incorrect:\n\n ulen = len + skb_queue_empty(\u0026sk-\u003esk_write_queue) ? transhdrlen : 0;\n\n...due to C operator precedence, this ends up setting ulen to\ntranshdrlen for messages with a non-zero length, which results in\ncorrupted packets on the wire.\n\nAdd parentheses to correct the calculation in line with the original\nintent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26752",
"url": "https://www.suse.com/security/cve/CVE-2024-26752"
},
{
"category": "external",
"summary": "SUSE Bug 1222667 for CVE-2024-26752",
"url": "https://bugzilla.suse.com/1222667"
},
{
"category": "external",
"summary": "SUSE Bug 1223292 for CVE-2024-26752",
"url": "https://bugzilla.suse.com/1223292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2024-26752"
},
{
"cve": "CVE-2024-26775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: avoid potential deadlock at set_capacity\n\nMove set_capacity() outside of the section procected by (\u0026d-\u003elock).\nTo avoid possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n[1] lock(\u0026bdev-\u003ebd_size_lock);\n local_irq_disable();\n [2] lock(\u0026d-\u003elock);\n [3] lock(\u0026bdev-\u003ebd_size_lock);\n \u003cInterrupt\u003e\n[4] lock(\u0026d-\u003elock);\n\n *** DEADLOCK ***\n\nWhere [1](\u0026bdev-\u003ebd_size_lock) hold by zram_add()-\u003eset_capacity().\n[2]lock(\u0026d-\u003elock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc()\nis trying to acquire [3](\u0026bdev-\u003ebd_size_lock) at set_capacity() call.\nIn this situation an attempt to acquire [4]lock(\u0026d-\u003elock) from\naoecmd_cfg_rsp() will lead to deadlock.\n\nSo the simplest solution is breaking lock dependency\n[2](\u0026d-\u003elock) -\u003e [3](\u0026bdev-\u003ebd_size_lock) by moving set_capacity()\noutside.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26775",
"url": "https://www.suse.com/security/cve/CVE-2024-26775"
},
{
"category": "external",
"summary": "SUSE Bug 1222627 for CVE-2024-26775",
"url": "https://bugzilla.suse.com/1222627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26775"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-fc: do not wait in vain when unloading module\n\nThe module exit path has race between deleting all controllers and\nfreeing \u0027left over IDs\u0027. To prevent double free a synchronization\nbetween nvme_delete_ctrl and ida_destroy has been added by the initial\ncommit.\n\nThere is some logic around trying to prevent from hanging forever in\nwait_for_completion, though it does not handling all cases. E.g.\nblktests is able to reproduce the situation where the module unload\nhangs forever.\n\nIf we completely rely on the cleanup code executed from the\nnvme_delete_ctrl path, all IDs will be freed eventually. This makes\ncalling ida_destroy unnecessary. We only have to ensure that all\nnvme_delete_ctrl code has been executed before we leave\nnvme_fc_exit_module. This is done by flushing the nvme_delete_wq\nworkqueue.\n\nWhile at it, remove the unused nvme_fc_wq workqueue too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26846",
"url": "https://www.suse.com/security/cve/CVE-2024-26846"
},
{
"category": "external",
"summary": "SUSE Bug 1223023 for CVE-2024-26846",
"url": "https://bugzilla.suse.com/1223023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26846"
},
{
"cve": "CVE-2024-26874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip\n\nIt\u0027s possible that mtk_crtc-\u003eevent is NULL in\nmtk_drm_crtc_finish_page_flip().\n\npending_needs_vblank value is set by mtk_crtc-\u003eevent, but in\nmtk_drm_crtc_atomic_flush(), it\u0027s is not guarded by the same\nlock in mtk_drm_finish_page_flip(), thus a race condition happens.\n\nConsider the following case:\n\nCPU1 CPU2\nstep 1:\nmtk_drm_crtc_atomic_begin()\nmtk_crtc-\u003eevent is not null,\n step 1:\n mtk_drm_crtc_atomic_flush:\n mtk_drm_crtc_update_config(\n !!mtk_crtc-\u003eevent)\nstep 2:\nmtk_crtc_ddp_irq -\u003e\nmtk_drm_finish_page_flip:\nlock\nmtk_crtc-\u003eevent set to null,\npending_needs_vblank set to false\nunlock\n pending_needs_vblank set to true,\n\n step 2:\n mtk_crtc_ddp_irq -\u003e\n mtk_drm_finish_page_flip called again,\n pending_needs_vblank is still true\n //null pointer\n\nInstead of guarding the entire mtk_drm_crtc_atomic_flush(), it\u0027s more\nefficient to just check if mtk_crtc-\u003eevent is null before use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26874",
"url": "https://www.suse.com/security/cve/CVE-2024-26874"
},
{
"category": "external",
"summary": "SUSE Bug 1223048 for CVE-2024-26874",
"url": "https://bugzilla.suse.com/1223048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26874"
},
{
"cve": "CVE-2024-26900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev-\u003eserial\n\nIf kobject_add() is fail in bind_rdev_to_array(), \u0027rdev-\u003eserial\u0027 will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [\u003c0000000058b0a453\u003e] kmemleak_alloc+0x61/0xe0\n [\u003c00000000366adf14\u003e] __kmalloc_large_node+0x15e/0x270\n [\u003c000000002e82961b\u003e] __kmalloc_node.cold+0x11/0x7f\n [\u003c00000000f206d60a\u003e] kvmalloc_node+0x74/0x150\n [\u003c0000000034bf3363\u003e] rdev_init_serial+0x67/0x170\n [\u003c0000000010e08fe9\u003e] mddev_create_serial_pool+0x62/0x220\n [\u003c00000000c3837bf0\u003e] bind_rdev_to_array+0x2af/0x630\n [\u003c0000000073c28560\u003e] md_add_new_disk+0x400/0x9f0\n [\u003c00000000770e30ff\u003e] md_ioctl+0x15bf/0x1c10\n [\u003c000000006cfab718\u003e] blkdev_ioctl+0x191/0x3f0\n [\u003c0000000085086a11\u003e] vfs_ioctl+0x22/0x60\n [\u003c0000000018b656fe\u003e] __x64_sys_ioctl+0xba/0xe0\n [\u003c00000000e54e675e\u003e] do_syscall_64+0x71/0x150\n [\u003c000000008b0ad622\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26900",
"url": "https://www.suse.com/security/cve/CVE-2024-26900"
},
{
"category": "external",
"summary": "SUSE Bug 1223046 for CVE-2024-26900",
"url": "https://bugzilla.suse.com/1223046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26900"
},
{
"cve": "CVE-2024-26915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Reset IH OVERFLOW_CLEAR bit\n\nAllows us to detect subsequent IH ring buffer overflows as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26915",
"url": "https://www.suse.com/security/cve/CVE-2024-26915"
},
{
"category": "external",
"summary": "SUSE Bug 1223207 for CVE-2024-26915",
"url": "https://bugzilla.suse.com/1223207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26915"
},
{
"cve": "CVE-2024-26920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/trigger: Fix to return error if failed to alloc snapshot\n\nFix register_snapshot_trigger() to return error code if it failed to\nallocate a snapshot instead of 0 (success). Unless that, it will register\nsnapshot trigger without an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26920",
"url": "https://www.suse.com/security/cve/CVE-2024-26920"
},
{
"category": "external",
"summary": "SUSE Bug 1228237 for CVE-2024-26920",
"url": "https://bugzilla.suse.com/1228237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26920"
},
{
"cve": "CVE-2024-26921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb-\u003esk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb-\u003esk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead-\u003esk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff-\u003esk member, we must move the\noffset into the FRAG_CB, else skb-\u003esk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won\u0027t continue past reasm engine.\n\nIn the latter case, we will steal the skb-\u003esk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26921",
"url": "https://www.suse.com/security/cve/CVE-2024-26921"
},
{
"category": "external",
"summary": "SUSE Bug 1223138 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "external",
"summary": "SUSE Bug 1223139 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26921"
},
{
"cve": "CVE-2024-26934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface\u0027s parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can\u0027t complete\nuntil the device lock has been released, and the lock won\u0027t be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \u003csamsun1006219@gmail.com\u003e\nReported by: xingwei lee \u003cxrivendell7@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26934",
"url": "https://www.suse.com/security/cve/CVE-2024-26934"
},
{
"category": "external",
"summary": "SUSE Bug 1223671 for CVE-2024-26934",
"url": "https://bugzilla.suse.com/1223671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/zcrypt: fix reference counting on zcrypt card objects\n\nTests with hot-plugging crytpo cards on KVM guests with debug\nkernel build revealed an use after free for the load field of\nthe struct zcrypt_card. The reason was an incorrect reference\nhandling of the zcrypt card object which could lead to a free\nof the zcrypt card object while it was still in use.\n\nThis is an example of the slab message:\n\n kernel: 0x00000000885a7512-0x00000000885a7513 @offset=1298. First byte 0x68 instead of 0x6b\n kernel: Allocated in zcrypt_card_alloc+0x36/0x70 [zcrypt] age=18046 cpu=3 pid=43\n kernel: kmalloc_trace+0x3f2/0x470\n kernel: zcrypt_card_alloc+0x36/0x70 [zcrypt]\n kernel: zcrypt_cex4_card_probe+0x26/0x380 [zcrypt_cex4]\n kernel: ap_device_probe+0x15c/0x290\n kernel: really_probe+0xd2/0x468\n kernel: driver_probe_device+0x40/0xf0\n kernel: __device_attach_driver+0xc0/0x140\n kernel: bus_for_each_drv+0x8c/0xd0\n kernel: __device_attach+0x114/0x198\n kernel: bus_probe_device+0xb4/0xc8\n kernel: device_add+0x4d2/0x6e0\n kernel: ap_scan_adapter+0x3d0/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: Freed in zcrypt_card_put+0x54/0x80 [zcrypt] age=9024 cpu=3 pid=43\n kernel: kfree+0x37e/0x418\n kernel: zcrypt_card_put+0x54/0x80 [zcrypt]\n kernel: ap_device_remove+0x4c/0xe0\n kernel: device_release_driver_internal+0x1c4/0x270\n kernel: bus_remove_device+0x100/0x188\n kernel: device_del+0x164/0x3c0\n kernel: device_unregister+0x30/0x90\n kernel: ap_scan_adapter+0xc8/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: kthread+0x150/0x168\n kernel: __ret_from_fork+0x3c/0x58\n kernel: ret_from_fork+0xa/0x30\n kernel: Slab 0x00000372022169c0 objects=20 used=18 fp=0x00000000885a7c88 flags=0x3ffff00000000a00(workingset|slab|node=0|zone=1|lastcpupid=0x1ffff)\n kernel: Object 0x00000000885a74b8 @offset=1208 fp=0x00000000885a7c88\n kernel: Redzone 00000000885a74b0: bb bb bb bb bb bb bb bb ........\n kernel: Object 00000000885a74b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74f8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a7508: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 68 4b 6b 6b 6b a5 kkkkkkkkkkhKkkk.\n kernel: Redzone 00000000885a7518: bb bb bb bb bb bb bb bb ........\n kernel: Padding 00000000885a756c: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ\n kernel: CPU: 0 PID: 387 Comm: systemd-udevd Not tainted 6.8.0-HF #2\n kernel: Hardware name: IBM 3931 A01 704 (KVM/Linux)\n kernel: Call Trace:\n kernel: [\u003c00000000ca5ab5b8\u003e] dump_stack_lvl+0x90/0x120\n kernel: [\u003c00000000c99d78bc\u003e] check_bytes_and_report+0x114/0x140\n kernel: [\u003c00000000c99d53cc\u003e] check_object+0x334/0x3f8\n kernel: [\u003c00000000c99d820c\u003e] alloc_debug_processing+0xc4/0x1f8\n kernel: [\u003c00000000c99d852e\u003e] get_partial_node.part.0+0x1ee/0x3e0\n kernel: [\u003c00000000c99d94ec\u003e] ___slab_alloc+0xaf4/0x13c8\n kernel: [\u003c00000000c99d9e38\u003e] __slab_alloc.constprop.0+0x78/0xb8\n kernel: [\u003c00000000c99dc8dc\u003e] __kmalloc+0x434/0x590\n kernel: [\u003c00000000c9b4c0ce\u003e] ext4_htree_store_dirent+0x4e/0x1c0\n kernel: [\u003c00000000c9b908a2\u003e] htree_dirblock_to_tree+0x17a/0x3f0\n kernel: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26957",
"url": "https://www.suse.com/security/cve/CVE-2024-26957"
},
{
"category": "external",
"summary": "SUSE Bug 1223666 for CVE-2024-26957",
"url": "https://bugzilla.suse.com/1223666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26957"
},
{
"cve": "CVE-2024-26958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix UAF in direct writes\n\nIn production we have been hitting the following warning consistently\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28 refcount_warn_saturate+0x9c/0xe0\nWorkqueue: nfsiod nfs_direct_write_schedule_work [nfs]\nRIP: 0010:refcount_warn_saturate+0x9c/0xe0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x9f/0x130\n ? refcount_warn_saturate+0x9c/0xe0\n ? report_bug+0xcc/0x150\n ? handle_bug+0x3d/0x70\n ? exc_invalid_op+0x16/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? refcount_warn_saturate+0x9c/0xe0\n nfs_direct_write_schedule_work+0x237/0x250 [nfs]\n process_one_work+0x12f/0x4a0\n worker_thread+0x14e/0x3b0\n ? ZSTD_getCParams_internal+0x220/0x220\n kthread+0xdc/0x120\n ? __btf_name_valid+0xa0/0xa0\n ret_from_fork+0x1f/0x30\n\nThis is because we\u0027re completing the nfs_direct_request twice in a row.\n\nThe source of this is when we have our commit requests to submit, we\nprocess them and send them off, and then in the completion path for the\ncommit requests we have\n\nif (nfs_commit_end(cinfo.mds))\n\tnfs_direct_write_complete(dreq);\n\nHowever since we\u0027re submitting asynchronous requests we sometimes have\none that completes before we submit the next one, so we end up calling\ncomplete on the nfs_direct_request twice.\n\nThe only other place we use nfs_generic_commit_list() is in\n__nfs_commit_inode, which wraps this call in a\n\nnfs_commit_begin();\nnfs_commit_end();\n\nWhich is a common pattern for this style of completion handling, one\nthat is also repeated in the direct code with get_dreq()/put_dreq()\ncalls around where we process events as well as in the completion paths.\n\nFix this by using the same pattern for the commit requests.\n\nBefore with my 200 node rocksdb stress running this warning would pop\nevery 10ish minutes. With my patch the stress test has been running for\nseveral hours without popping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26958",
"url": "https://www.suse.com/security/cve/CVE-2024-26958"
},
{
"category": "external",
"summary": "SUSE Bug 1223653 for CVE-2024-26958",
"url": "https://bugzilla.suse.com/1223653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: fix instmem race condition around ptr stores\n\nRunning a lot of VK CTS in parallel against nouveau, once every\nfew hours you might see something like this crash.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 8000000114e6e067 P4D 8000000114e6e067 PUD 109046067 PMD 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 7 PID: 53891 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\nHardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\nRIP: 0010:gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\nCode: c7 48 01 c8 49 89 45 58 85 d2 0f 84 95 00 00 00 41 0f b7 46 12 49 8b 7e 08 89 da 42 8d 2c f8 48 8b 47 08 41 83 c7 01 48 89 ee \u003c48\u003e 8b 40 08 ff d0 0f 1f 00 49 8b 7e 08 48 89 d9 48 8d 75 04 48 c1\nRSP: 0000:ffffac20c5857838 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000004d8001 RCX: 0000000000000001\nRDX: 00000000004d8001 RSI: 00000000000006d8 RDI: ffffa07afe332180\nRBP: 00000000000006d8 R08: ffffac20c5857ad0 R09: 0000000000ffff10\nR10: 0000000000000001 R11: ffffa07af27e2de0 R12: 000000000000001c\nR13: ffffac20c5857ad0 R14: ffffa07a96fe9040 R15: 000000000000001c\nFS: 00007fe395eed7c0(0000) GS:ffffa07e2c980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000011febe001 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n...\n\n ? gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\n ? gp100_vmm_pgt_mem+0x37/0x180 [nouveau]\n nvkm_vmm_iter+0x351/0xa20 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __lock_acquire+0x3ed/0x2170\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_ptes_get_map+0xc2/0x100 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_map_locked+0x224/0x3a0 [nouveau]\n\nAdding any sort of useful debug usually makes it go away, so I hand\nwrote the function in a line, and debugged the asm.\n\nEvery so often pt-\u003ememory-\u003eptrs is NULL. This ptrs ptr is set in\nthe nv50_instobj_acquire called from nvkm_kmap.\n\nIf Thread A and Thread B both get to nv50_instobj_acquire around\nthe same time, and Thread A hits the refcount_set line, and in\nlockstep thread B succeeds at refcount_inc_not_zero, there is a\nchance the ptrs value won\u0027t have been stored since refcount_set\nis unordered. Force a memory barrier here, I picked smp_mb, since\nwe want it on all CPUs and it\u0027s write followed by a read.\n\nv2: use paired smp_rmb/smp_wmb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26984",
"url": "https://www.suse.com/security/cve/CVE-2024-26984"
},
{
"category": "external",
"summary": "SUSE Bug 1223633 for CVE-2024-26984",
"url": "https://bugzilla.suse.com/1223633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26984"
},
{
"cve": "CVE-2024-26996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error\n\nWhen ncm function is working and then stop usb0 interface for link down,\neth_stop() is called. At this piont, accidentally if usb transport error\nshould happen in usb_ep_enable(), \u0027in_ep\u0027 and/or \u0027out_ep\u0027 may not be enabled.\n\nAfter that, ncm_disable() is called to disable for ncm unbind\nbut gether_disconnect() is never called since \u0027in_ep\u0027 is not enabled.\n\nAs the result, ncm object is released in ncm unbind\nbut \u0027dev-\u003eport_usb\u0027 associated to \u0027ncm-\u003eport\u0027 is not NULL.\n\nAnd when ncm bind again to recover netdev, ncm object is reallocated\nbut usb0 interface is already associated to previous released ncm object.\n\nTherefore, once usb0 interface is up and eth_start_xmit() is called,\nreleased ncm object is dereferrenced and it might cause use-after-free memory.\n\n[function unlink via configfs]\n usb0: eth_stop dev-\u003eport_usb=ffffff9b179c3200\n --\u003e error happens in usb_ep_enable().\n NCM: ncm_disable: ncm=ffffff9b179c3200\n --\u003e no gether_disconnect() since ncm-\u003eport.in_ep-\u003eenabled is false.\n NCM: ncm_unbind: ncm unbind ncm=ffffff9b179c3200\n NCM: ncm_free: ncm free ncm=ffffff9b179c3200 \u003c-- released ncm\n\n[function link via configfs]\n NCM: ncm_alloc: ncm alloc ncm=ffffff9ac4f8a000\n NCM: ncm_bind: ncm bind ncm=ffffff9ac4f8a000\n NCM: ncm_set_alt: ncm=ffffff9ac4f8a000 alt=0\n usb0: eth_open dev-\u003eport_usb=ffffff9b179c3200 \u003c-- previous released ncm\n usb0: eth_start dev-\u003eport_usb=ffffff9b179c3200 \u003c--\n eth_start_xmit()\n --\u003e dev-\u003ewrap()\n Unable to handle kernel paging request at virtual address dead00000000014f\n\nThis patch addresses the issue by checking if \u0027ncm-\u003enetdev\u0027 is not NULL at\nncm_disable() to call gether_disconnect() to deassociate \u0027dev-\u003eport_usb\u0027.\nIt\u0027s more reasonable to check \u0027ncm-\u003enetdev\u0027 to call gether_connect/disconnect\nrather than check \u0027ncm-\u003eport.in_ep-\u003eenabled\u0027 since it might not be enabled\nbut the gether connection might be established.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26996",
"url": "https://www.suse.com/security/cve/CVE-2024-26996"
},
{
"category": "external",
"summary": "SUSE Bug 1223752 for CVE-2024-26996",
"url": "https://bugzilla.suse.com/1223752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-26996"
},
{
"cve": "CVE-2024-27059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27059",
"url": "https://www.suse.com/security/cve/CVE-2024-27059"
},
{
"category": "external",
"summary": "SUSE Bug 1223738 for CVE-2024-27059",
"url": "https://bugzilla.suse.com/1223738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: lock the client object tree.\n\nIt appears the client object tree has no locking unless I\u0027ve missed\nsomething else. Fix races around adding/removing client objects,\nmostly vram bar mappings.\n\n 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI\n[ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\n[ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\n[ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 \u003c48\u003e 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe\n[ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206\n[ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58\n[ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400\n[ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000\n[ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0\n[ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007\n[ 4562.099528] FS: 00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000\n[ 4562.099534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0\n[ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4562.099544] Call Trace:\n[ 4562.099555] \u003cTASK\u003e\n[ 4562.099573] ? die_addr+0x36/0x90\n[ 4562.099583] ? exc_general_protection+0x246/0x4a0\n[ 4562.099593] ? asm_exc_general_protection+0x26/0x30\n[ 4562.099600] ? nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099730] nvkm_ioctl+0xa1/0x250 [nouveau]\n[ 4562.099861] nvif_object_map_handle+0xc8/0x180 [nouveau]\n[ 4562.099986] nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau]\n[ 4562.100156] ? dma_resv_test_signaled+0x26/0xb0\n[ 4562.100163] ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm]\n[ 4562.100182] ? __mutex_unlock_slowpath+0x2a/0x270\n[ 4562.100189] nouveau_ttm_fault+0x69/0xb0 [nouveau]\n[ 4562.100356] __do_fault+0x32/0x150\n[ 4562.100362] do_fault+0x7c/0x560\n[ 4562.100369] __handle_mm_fault+0x800/0xc10\n[ 4562.100382] handle_mm_fault+0x17c/0x3e0\n[ 4562.100388] do_user_addr_fault+0x208/0x860\n[ 4562.100395] exc_page_fault+0x7f/0x200\n[ 4562.100402] asm_exc_page_fault+0x26/0x30\n[ 4562.100412] RIP: 0033:0x9b9870\n[ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 \u003c44\u003e 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7\n[ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246\n[ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000\n[ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066\n[ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000\n[ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff\n[ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 4562.100446] \u003c/TASK\u003e\n[ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27062",
"url": "https://www.suse.com/security/cve/CVE-2024-27062"
},
{
"category": "external",
"summary": "SUSE Bug 1223834 for CVE-2024-27062",
"url": "https://bugzilla.suse.com/1223834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gtp: Fix Use-After-Free in gtp_dellink\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof gtp_dellink, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27396",
"url": "https://www.suse.com/security/cve/CVE-2024-27396"
},
{
"category": "external",
"summary": "SUSE Bug 1224096 for CVE-2024-27396",
"url": "https://bugzilla.suse.com/1224096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-27401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27401",
"url": "https://www.suse.com/security/cve/CVE-2024-27401"
},
{
"category": "external",
"summary": "SUSE Bug 1224181 for CVE-2024-27401",
"url": "https://bugzilla.suse.com/1224181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-27401"
},
{
"cve": "CVE-2024-27419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Fix data-races around sysctl_net_busy_read\n\nWe need to protect the reader reading the sysctl value because the\nvalue can be changed concurrently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27419",
"url": "https://www.suse.com/security/cve/CVE-2024-27419"
},
{
"category": "external",
"summary": "SUSE Bug 1224759 for CVE-2024-27419",
"url": "https://bugzilla.suse.com/1224759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "low"
}
],
"title": "CVE-2024-27419"
},
{
"cve": "CVE-2024-27436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Stop parsing channels bits when all channels are found.\n\nIf a usb audio device sets more bits than the amount of channels\nit could write outside of the map array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27436",
"url": "https://www.suse.com/security/cve/CVE-2024-27436"
},
{
"category": "external",
"summary": "SUSE Bug 1224803 for CVE-2024-27436",
"url": "https://bugzilla.suse.com/1224803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-35789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\n\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\nfast_rx entry still holds a pointer to the VLAN\u0027s netdev, which can cause\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\nafter the VLAN change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35789",
"url": "https://www.suse.com/security/cve/CVE-2024-35789"
},
{
"category": "external",
"summary": "SUSE Bug 1224749 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "external",
"summary": "SUSE Bug 1227320 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1227320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "important"
}
],
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region()\n\nDo the cache flush of converted pages in svm_register_enc_region() before\ndropping kvm-\u003elock to fix use-after-free issues where region and/or its\narray of pages could be freed by a different task, e.g. if userspace has\n__unregister_enc_region_locked() already queued up for the region.\n\nNote, the \"obvious\" alternative of using local variables doesn\u0027t fully\nresolve the bug, as region-\u003epages is also dynamically allocated. I.e. the\nregion structure itself would be fine, but region-\u003epages could be freed.\n\nFlushing multiple pages under kvm-\u003elock is unfortunate, but the entire\nflow is a rare slow path, and the manual flush is only needed on CPUs that\nlack coherency for encrypted memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35791",
"url": "https://www.suse.com/security/cve/CVE-2024-35791"
},
{
"category": "external",
"summary": "SUSE Bug 1224725 for CVE-2024-35791",
"url": "https://bugzilla.suse.com/1224725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35791"
},
{
"cve": "CVE-2024-35809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/PM: Drain runtime-idle callbacks before driver removal\n\nA race condition between the .runtime_idle() callback and the .remove()\ncallback in the rtsx_pcr PCI driver leads to a kernel crash due to an\nunhandled page fault [1].\n\nThe problem is that rtsx_pci_runtime_idle() is not expected to be running\nafter pm_runtime_get_sync() has been called, but the latter doesn\u0027t really\nguarantee that. It only guarantees that the suspend and resume callbacks\nwill not be running when it returns.\n\nHowever, if a .runtime_idle() callback is already running when\npm_runtime_get_sync() is called, the latter will notice that the runtime PM\nstatus of the device is RPM_ACTIVE and it will return right away without\nwaiting for the former to complete. In fact, it cannot wait for\n.runtime_idle() to complete because it may be called from that callback (it\narguably does not make much sense to do that, but it is not strictly\nprohibited).\n\nThus in general, whoever is providing a .runtime_idle() callback needs\nto protect it from running in parallel with whatever code runs after\npm_runtime_get_sync(). [Note that .runtime_idle() will not start after\npm_runtime_get_sync() has returned, but it may continue running then if it\nhas started earlier.]\n\nOne way to address that race condition is to call pm_runtime_barrier()\nafter pm_runtime_get_sync() (not before it, because a nonzero value of the\nruntime PM usage counter is necessary to prevent runtime PM callbacks from\nbeing invoked) to wait for the .runtime_idle() callback to complete should\nit be running at that point. A suitable place for doing that is in\npci_device_remove() which calls pm_runtime_get_sync() before removing the\ndriver, so it may as well call pm_runtime_barrier() subsequently, which\nwill prevent the race in question from occurring, not just in the rtsx_pcr\ndriver, but in any PCI drivers providing .runtime_idle() callbacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35809",
"url": "https://www.suse.com/security/cve/CVE-2024-35809"
},
{
"category": "external",
"summary": "SUSE Bug 1224738 for CVE-2024-35809",
"url": "https://bugzilla.suse.com/1224738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35809"
},
{
"cve": "CVE-2024-35811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach\n\nThis is the candidate patch of CVE-2023-47233 :\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-47233\n\nIn brcm80211 driver,it starts with the following invoking chain\nto start init a timeout worker:\n\n-\u003ebrcmf_usb_probe\n -\u003ebrcmf_usb_probe_cb\n -\u003ebrcmf_attach\n -\u003ebrcmf_bus_started\n -\u003ebrcmf_cfg80211_attach\n -\u003ewl_init_priv\n -\u003ebrcmf_init_escan\n -\u003eINIT_WORK(\u0026cfg-\u003eescan_timeout_work,\n\t\t brcmf_cfg80211_escan_timeout_worker);\n\nIf we disconnect the USB by hotplug, it will call\nbrcmf_usb_disconnect to make cleanup. The invoking chain is :\n\nbrcmf_usb_disconnect\n -\u003ebrcmf_usb_disconnect_cb\n -\u003ebrcmf_detach\n -\u003ebrcmf_cfg80211_detach\n -\u003ekfree(cfg);\n\nWhile the timeout woker may still be running. This will cause\na use-after-free bug on cfg in brcmf_cfg80211_escan_timeout_worker.\n\nFix it by deleting the timer and canceling the worker in\nbrcmf_cfg80211_detach.\n\n[arend.vanspriel@broadcom.com: keep timer delete as is and cancel work just before free]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35811",
"url": "https://www.suse.com/security/cve/CVE-2024-35811"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2024-35811",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tc358743: register v4l2 async device only after successful setup\n\nEnsure the device has been setup correctly before registering the v4l2\nasync device, thus allowing userspace to access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35830",
"url": "https://www.suse.com/security/cve/CVE-2024-35830"
},
{
"category": "external",
"summary": "SUSE Bug 1224680 for CVE-2024-35830",
"url": "https://bugzilla.suse.com/1224680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35830"
},
{
"cve": "CVE-2024-35849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix information leak in btrfs_ioctl_logical_to_ino()\n\nSyzbot reported the following information leak for in\nbtrfs_ioctl_logical_to_ino():\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n btrfs_ioctl_logical_to_ino+0x440/0x750 fs/btrfs/ioctl.c:3499\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Uninit was created at:\n __kmalloc_large_node+0x231/0x370 mm/slub.c:3921\n __do_kmalloc_node mm/slub.c:3954 [inline]\n __kmalloc_node+0xb07/0x1060 mm/slub.c:3973\n kmalloc_node include/linux/slab.h:648 [inline]\n kvmalloc_node+0xc0/0x2d0 mm/util.c:634\n kvmalloc include/linux/slab.h:766 [inline]\n init_data_container+0x49/0x1e0 fs/btrfs/backref.c:2779\n btrfs_ioctl_logical_to_ino+0x17c/0x750 fs/btrfs/ioctl.c:3480\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Bytes 40-65535 of 65536 are uninitialized\n Memory access of size 65536 starts at ffff888045a40000\n\nThis happens, because we\u0027re copying a \u0027struct btrfs_data_container\u0027 back\nto user-space. This btrfs_data_container is allocated in\n\u0027init_data_container()\u0027 via kvmalloc(), which does not zero-fill the\nmemory.\n\nFix this by using kvzalloc() which zeroes out the memory on allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35849",
"url": "https://www.suse.com/security/cve/CVE-2024-35849"
},
{
"category": "external",
"summary": "SUSE Bug 1224733 for CVE-2024-35849",
"url": "https://bugzilla.suse.com/1224733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: fix VM_PAT handling in COW mappings\n\nPAT handling won\u0027t do the right thing in COW mappings: the first PTE (or,\nin fact, all PTEs) can be replaced during write faults to point at anon\nfolios. Reliably recovering the correct PFN and cachemode using\nfollow_phys() from PTEs will not work in COW mappings.\n\nUsing follow_phys(), we might just get the address+protection of the anon\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\ntrack_pfn_copy(), not properly calling free_pfn_range().\n\nIn free_pfn_range(), we either wouldn\u0027t call memtype_free() or would call\nit with the wrong range, possibly leaking memory.\n\nTo fix that, let\u0027s update follow_phys() to refuse returning anon folios,\nand fallback to using the stored PFN inside vma-\u003evm_pgoff for COW mappings\nif we run into that.\n\nWe will now properly handle untrack_pfn() with COW mappings, where we\ndon\u0027t need the cachemode. We\u0027ll have to fail fork()-\u003etrack_pfn_copy() if\nthe first page was replaced by an anon folio, though: we\u0027d have to store\nthe cachemode in the VMA to make this work, likely growing the VMA size.\n\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\ncase: it would have failed in the past with swap/nonswap entries already,\nand it would have done the wrong thing with anon folios.\n\nSimple reproducer to trigger the WARN_ON_ONCE() in untrack_pfn():\n\n\u003c--- C reproducer ---\u003e\n #include \u003cstdio.h\u003e\n #include \u003csys/mman.h\u003e\n #include \u003cunistd.h\u003e\n #include \u003cliburing.h\u003e\n\n int main(void)\n {\n struct io_uring_params p = {};\n int ring_fd;\n size_t size;\n char *map;\n\n ring_fd = io_uring_setup(1, \u0026p);\n if (ring_fd \u003c 0) {\n perror(\"io_uring_setup\");\n return 1;\n }\n size = p.sq_off.array + p.sq_entries * sizeof(unsigned);\n\n /* Map the submission queue ring MAP_PRIVATE */\n map = mmap(0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE,\n ring_fd, IORING_OFF_SQ_RING);\n if (map == MAP_FAILED) {\n perror(\"mmap\");\n return 1;\n }\n\n /* We have at least one page. Let\u0027s COW it. */\n *map = 0;\n pause();\n return 0;\n }\n\u003c--- C reproducer ---\u003e\n\nOn a system with 16 GiB RAM and swap configured:\n # ./iouring \u0026\n # memhog 16G\n # killall iouring\n[ 301.552930] ------------[ cut here ]------------\n[ 301.553285] WARNING: CPU: 7 PID: 1402 at arch/x86/mm/pat/memtype.c:1060 untrack_pfn+0xf4/0x100\n[ 301.553989] Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_g\n[ 301.558232] CPU: 7 PID: 1402 Comm: iouring Not tainted 6.7.5-100.fc38.x86_64 #1\n[ 301.558772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebu4\n[ 301.559569] RIP: 0010:untrack_pfn+0xf4/0x100\n[ 301.559893] Code: 75 c4 eb cf 48 8b 43 10 8b a8 e8 00 00 00 3b 6b 28 74 b8 48 8b 7b 30 e8 ea 1a f7 000\n[ 301.561189] RSP: 0018:ffffba2c0377fab8 EFLAGS: 00010282\n[ 301.561590] RAX: 00000000ffffffea RBX: ffff9208c8ce9cc0 RCX: 000000010455e047\n[ 301.562105] RDX: 07fffffff0eb1e0a RSI: 0000000000000000 RDI: ffff9208c391d200\n[ 301.562628] RBP: 0000000000000000 R08: ffffba2c0377fab8 R09: 0000000000000000\n[ 301.563145] R10: ffff9208d2292d50 R11: 0000000000000002 R12: 00007fea890e0000\n[ 301.563669] R13: 0000000000000000 R14: ffffba2c0377fc08 R15: 0000000000000000\n[ 301.564186] FS: 0000000000000000(0000) GS:ffff920c2fbc0000(0000) knlGS:0000000000000000\n[ 301.564773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 301.565197] CR2: 00007fea88ee8a20 CR3: 00000001033a8000 CR4: 0000000000750ef0\n[ 301.565725] PKRU: 55555554\n[ 301.565944] Call Trace:\n[ 301.566148] \u003cTASK\u003e\n[ 301.566325] ? untrack_pfn+0xf4/0x100\n[ 301.566618] ? __warn+0x81/0x130\n[ 301.566876] ? untrack_pfn+0xf4/0x100\n[ 3\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35877",
"url": "https://www.suse.com/security/cve/CVE-2024-35877"
},
{
"category": "external",
"summary": "SUSE Bug 1224525 for CVE-2024-35877",
"url": "https://bugzilla.suse.com/1224525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: prevent NULL pointer dereference in vsnprintf()\n\nIn of_modalias(), we can get passed the str and len parameters which would\ncause a kernel oops in vsnprintf() since it only allows passing a NULL ptr\nwhen the length is also 0. Also, we need to filter out the negative values\nof the len parameter as these will result in a really huge buffer since\nsnprintf() takes size_t parameter while ours is ssize_t...\n\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35878",
"url": "https://www.suse.com/security/cve/CVE-2024-35878"
},
{
"category": "external",
"summary": "SUSE Bug 1224671 for CVE-2024-35878",
"url": "https://bugzilla.suse.com/1224671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35878"
},
{
"cve": "CVE-2024-35887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: fix use-after-free bugs caused by ax25_ds_del_timer\n\nWhen the ax25 device is detaching, the ax25_dev_device_down()\ncalls ax25_ds_del_timer() to cleanup the slave_timer. When\nthe timer handler is running, the ax25_ds_del_timer() that\ncalls del_timer() in it will return directly. As a result,\nthe use-after-free bugs could happen, one of the scenarios\nis shown below:\n\n (Thread 1) | (Thread 2)\n | ax25_ds_timeout()\nax25_dev_device_down() |\n ax25_ds_del_timer() |\n del_timer() |\n ax25_dev_put() //FREE |\n | ax25_dev-\u003e //USE\n\nIn order to mitigate bugs, when the device is detaching, use\ntimer_shutdown_sync() to stop the timer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35887",
"url": "https://www.suse.com/security/cve/CVE-2024-35887"
},
{
"category": "external",
"summary": "SUSE Bug 1224663 for CVE-2024-35887",
"url": "https://bugzilla.suse.com/1224663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35887"
},
{
"cve": "CVE-2024-35895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Prevent lock inversion deadlock in map delete elem\n\nsyzkaller started using corpuses where a BPF tracing program deletes\nelements from a sockmap/sockhash map. Because BPF tracing programs can be\ninvoked from any interrupt context, locks taken during a map_delete_elem\noperation must be hardirq-safe. Otherwise a deadlock due to lock inversion\nis possible, as reported by lockdep:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026htab-\u003ebuckets[i].lock);\n local_irq_disable();\n lock(\u0026host-\u003elock);\n lock(\u0026htab-\u003ebuckets[i].lock);\n \u003cInterrupt\u003e\n lock(\u0026host-\u003elock);\n\nLocks in sockmap are hardirq-unsafe by design. We expects elements to be\ndeleted from sockmap/sockhash only in task (normal) context with interrupts\nenabled, or in softirq context.\n\nDetect when map_delete_elem operation is invoked from a context which is\n_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an\nerror.\n\nNote that map updates are not affected by this issue. BPF verifier does not\nallow updating sockmap/sockhash from a BPF tracing program today.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35895",
"url": "https://www.suse.com/security/cve/CVE-2024-35895"
},
{
"category": "external",
"summary": "SUSE Bug 1224511 for CVE-2024-35895",
"url": "https://bugzilla.suse.com/1224511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix error cleanup path in nfsd_rename()\n\nCommit a8b0026847b8 (\"rename(): avoid a deadlock in the case of parents\nhaving no common ancestor\") added an error bail out path. However this\npath does not drop the remount protection that has been acquired. Fix\nthe cleanup path to properly drop the remount protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35914",
"url": "https://www.suse.com/security/cve/CVE-2024-35914"
},
{
"category": "external",
"summary": "SUSE Bug 1224482 for CVE-2024-35914",
"url": "https://bugzilla.suse.com/1224482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35914"
},
{
"cve": "CVE-2024-35932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: don\u0027t check if plane-\u003estate-\u003efb == state-\u003efb\n\nCurrently, when using non-blocking commits, we can see the following\nkernel warning:\n\n[ 110.908514] ------------[ cut here ]------------\n[ 110.908529] refcount_t: underflow; use-after-free.\n[ 110.908620] WARNING: CPU: 0 PID: 1866 at lib/refcount.c:87 refcount_dec_not_one+0xb8/0xc0\n[ 110.908664] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device cmac algif_hash aes_arm64 aes_generic algif_skcipher af_alg bnep hid_logitech_hidpp vc4 brcmfmac hci_uart btbcm brcmutil bluetooth snd_soc_hdmi_codec cfg80211 cec drm_display_helper drm_dma_helper drm_kms_helper snd_soc_core snd_compress snd_pcm_dmaengine fb_sys_fops sysimgblt syscopyarea sysfillrect raspberrypi_hwmon ecdh_generic ecc rfkill libaes i2c_bcm2835 binfmt_misc joydev snd_bcm2835(C) bcm2835_codec(C) bcm2835_isp(C) v4l2_mem2mem videobuf2_dma_contig snd_pcm bcm2835_v4l2(C) raspberrypi_gpiomem bcm2835_mmal_vchiq(C) videobuf2_v4l2 snd_timer videobuf2_vmalloc videobuf2_memops videobuf2_common snd videodev vc_sm_cma(C) mc hid_logitech_dj uio_pdrv_genirq uio i2c_dev drm fuse dm_mod drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 110.909086] CPU: 0 PID: 1866 Comm: kodi.bin Tainted: G C 6.1.66-v8+ #32\n[ 110.909104] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 110.909114] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 110.909132] pc : refcount_dec_not_one+0xb8/0xc0\n[ 110.909152] lr : refcount_dec_not_one+0xb4/0xc0\n[ 110.909170] sp : ffffffc00913b9c0\n[ 110.909177] x29: ffffffc00913b9c0 x28: 000000556969bbb0 x27: 000000556990df60\n[ 110.909205] x26: 0000000000000002 x25: 0000000000000004 x24: ffffff8004448480\n[ 110.909230] x23: ffffff800570b500 x22: ffffff802e03a7bc x21: ffffffecfca68c78\n[ 110.909257] x20: ffffff8002b42000 x19: ffffff802e03a600 x18: 0000000000000000\n[ 110.909283] x17: 0000000000000011 x16: ffffffffffffffff x15: 0000000000000004\n[ 110.909308] x14: 0000000000000fff x13: ffffffed577e47e0 x12: 0000000000000003\n[ 110.909333] x11: 0000000000000000 x10: 0000000000000027 x9 : c912d0d083728c00\n[ 110.909359] x8 : c912d0d083728c00 x7 : 65646e75203a745f x6 : 746e756f63666572\n[ 110.909384] x5 : ffffffed579f62ee x4 : ffffffed579eb01e x3 : 0000000000000000\n[ 110.909409] x2 : 0000000000000000 x1 : ffffffc00913b750 x0 : 0000000000000001\n[ 110.909434] Call trace:\n[ 110.909441] refcount_dec_not_one+0xb8/0xc0\n[ 110.909461] vc4_bo_dec_usecnt+0x4c/0x1b0 [vc4]\n[ 110.909903] vc4_cleanup_fb+0x44/0x50 [vc4]\n[ 110.910315] drm_atomic_helper_cleanup_planes+0x88/0xa4 [drm_kms_helper]\n[ 110.910669] vc4_atomic_commit_tail+0x390/0x9dc [vc4]\n[ 110.911079] commit_tail+0xb0/0x164 [drm_kms_helper]\n[ 110.911397] drm_atomic_helper_commit+0x1d0/0x1f0 [drm_kms_helper]\n[ 110.911716] drm_atomic_commit+0xb0/0xdc [drm]\n[ 110.912569] drm_mode_atomic_ioctl+0x348/0x4b8 [drm]\n[ 110.913330] drm_ioctl_kernel+0xec/0x15c [drm]\n[ 110.914091] drm_ioctl+0x24c/0x3b0 [drm]\n[ 110.914850] __arm64_sys_ioctl+0x9c/0xd4\n[ 110.914873] invoke_syscall+0x4c/0x114\n[ 110.914897] el0_svc_common+0xd0/0x118\n[ 110.914917] do_el0_svc+0x38/0xd0\n[ 110.914936] el0_svc+0x30/0x8c\n[ 110.914958] el0t_64_sync_handler+0x84/0xf0\n[ 110.914979] el0t_64_sync+0x18c/0x190\n[ 110.914996] ---[ end trace 0000000000000000 ]---\n\nThis happens because, although `prepare_fb` and `cleanup_fb` are\nperfectly balanced, we cannot guarantee consistency in the check\nplane-\u003estate-\u003efb == state-\u003efb. This means that sometimes we can increase\nthe refcount in `prepare_fb` and don\u0027t decrease it in `cleanup_fb`. The\nopposite can also be true.\n\nIn fact, the struct drm_plane .state shouldn\u0027t be accessed directly\nbut instead, the `drm_atomic_get_new_plane_state()` helper function should\nbe used. So, we could stick to this check, but using\n`drm_atomic_get_new_plane_state()`. But actually, this check is not re\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35932",
"url": "https://www.suse.com/security/cve/CVE-2024-35932"
},
{
"category": "external",
"summary": "SUSE Bug 1224650 for CVE-2024-35932",
"url": "https://bugzilla.suse.com/1224650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35932"
},
{
"cve": "CVE-2024-35935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: send: handle path ref underflow in header iterate_inode_ref()\n\nChange BUG_ON to proper error handling if building the path buffer\nfails. The pointers are not printed so we don\u0027t accidentally leak kernel\naddresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35935",
"url": "https://www.suse.com/security/cve/CVE-2024-35935"
},
{
"category": "external",
"summary": "SUSE Bug 1224645 for CVE-2024-35935",
"url": "https://bugzilla.suse.com/1224645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()\n\nThe unhandled case in btrfs_relocate_sys_chunks() loop is a corruption,\nas it could be caused only by two impossible conditions:\n\n- at first the search key is set up to look for a chunk tree item, with\n offset -1, this is an inexact search and the key-\u003eoffset will contain\n the correct offset upon a successful search, a valid chunk tree item\n cannot have an offset -1\n\n- after first successful search, the found_key corresponds to a chunk\n item, the offset is decremented by 1 before the next loop, it\u0027s\n impossible to find a chunk item there due to alignment and size\n constraints",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35936",
"url": "https://www.suse.com/security/cve/CVE-2024-35936"
},
{
"category": "external",
"summary": "SUSE Bug 1224644 for CVE-2024-35936",
"url": "https://bugzilla.suse.com/1224644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()\n\nSyzkaller hit \u0027WARNING in dg_dispatch_as_host\u0027 bug.\n\nmemcpy: detected field-spanning write (size 56) of single field \"\u0026dg_info-\u003emsg\"\nat drivers/misc/vmw_vmci/vmci_datagram.c:237 (size 24)\n\nWARNING: CPU: 0 PID: 1555 at drivers/misc/vmw_vmci/vmci_datagram.c:237\ndg_dispatch_as_host+0x88e/0xa60 drivers/misc/vmw_vmci/vmci_datagram.c:237\n\nSome code commentry, based on my understanding:\n\n544 #define VMCI_DG_SIZE(_dg) (VMCI_DG_HEADERSIZE + (size_t)(_dg)-\u003epayload_size)\n/// This is 24 + payload_size\n\nmemcpy(\u0026dg_info-\u003emsg, dg, dg_size);\n\tDestination = dg_info-\u003emsg ---\u003e this is a 24 byte\n\t\t\t\t\tstructure(struct vmci_datagram)\n\tSource = dg --\u003e this is a 24 byte structure (struct vmci_datagram)\n\tSize = dg_size = 24 + payload_size\n\n{payload_size = 56-24 =32} -- Syzkaller managed to set payload_size to 32.\n\n 35 struct delayed_datagram_info {\n 36 struct datagram_entry *entry;\n 37 struct work_struct work;\n 38 bool in_dg_host_queue;\n 39 /* msg and msg_payload must be together. */\n 40 struct vmci_datagram msg;\n 41 u8 msg_payload[];\n 42 };\n\nSo those extra bytes of payload are copied into msg_payload[], a run time\nwarning is seen while fuzzing with Syzkaller.\n\nOne possible way to fix the warning is to split the memcpy() into\ntwo parts -- one -- direct assignment of msg and second taking care of payload.\n\nGustavo quoted:\n\"Under FORTIFY_SOURCE we should not copy data across multiple members\nin a structure.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35944",
"url": "https://www.suse.com/security/cve/CVE-2024-35944"
},
{
"category": "external",
"summary": "SUSE Bug 1224648 for CVE-2024-35944",
"url": "https://bugzilla.suse.com/1224648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: Fix possible use-after-free issue on kprobe registration\n\nWhen unloading a module, its state is changing MODULE_STATE_LIVE -\u003e\n MODULE_STATE_GOING -\u003e MODULE_STATE_UNFORMED. Each change will take\na time. `is_module_text_address()` and `__module_text_address()`\nworks with MODULE_STATE_LIVE and MODULE_STATE_GOING.\nIf we use `is_module_text_address()` and `__module_text_address()`\nseparately, there is a chance that the first one is succeeded but the\nnext one is failed because module-\u003estate becomes MODULE_STATE_UNFORMED\nbetween those operations.\n\nIn `check_kprobe_address_safe()`, if the second `__module_text_address()`\nis failed, that is ignored because it expected a kernel_text address.\nBut it may have failed simply because module-\u003estate has been changed\nto MODULE_STATE_UNFORMED. In this case, arm_kprobe() will try to modify\nnon-exist module text address (use-after-free).\n\nTo fix this problem, we should not use separated `is_module_text_address()`\nand `__module_text_address()`, but use only `__module_text_address()`\nonce and do `try_module_get(module)` which is only available with\nMODULE_STATE_LIVE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35955",
"url": "https://www.suse.com/security/cve/CVE-2024-35955"
},
{
"category": "external",
"summary": "SUSE Bug 1224676 for CVE-2024-35955",
"url": "https://bugzilla.suse.com/1224676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr\n\nAlthough ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it\nstill means hlist_for_each_entry_rcu can return an item that got removed\nfrom the list. The memory itself of such item is not freed thanks to RCU\nbut nothing guarantees the actual content of the memory is sane.\n\nIn particular, the reference count can be zero. This can happen if\nipv6_del_addr is called in parallel. ipv6_del_addr removes the entry\nfrom inet6_addr_lst (hlist_del_init_rcu(\u0026ifp-\u003eaddr_lst)) and drops all\nreferences (__in6_ifa_put(ifp) + in6_ifa_put(ifp)). With bad enough\ntiming, this can happen:\n\n1. In ipv6_get_ifaddr, hlist_for_each_entry_rcu returns an entry.\n\n2. Then, the whole ipv6_del_addr is executed for the given entry. The\n reference count drops to zero and kfree_rcu is scheduled.\n\n3. ipv6_get_ifaddr continues and tries to increments the reference count\n (in6_ifa_hold).\n\n4. The rcu is unlocked and the entry is freed.\n\n5. The freed entry is returned.\n\nPrevent increasing of the reference count in such case. The name\nin6_ifa_hold_safe is chosen to mimic the existing fib6_info_hold_safe.\n\n[ 41.506330] refcount_t: addition on 0; use-after-free.\n[ 41.506760] WARNING: CPU: 0 PID: 595 at lib/refcount.c:25 refcount_warn_saturate+0xa5/0x130\n[ 41.507413] Modules linked in: veth bridge stp llc\n[ 41.507821] CPU: 0 PID: 595 Comm: python3 Not tainted 6.9.0-rc2.main-00208-g49563be82afa #14\n[ 41.508479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n[ 41.509163] RIP: 0010:refcount_warn_saturate+0xa5/0x130\n[ 41.509586] Code: ad ff 90 0f 0b 90 90 c3 cc cc cc cc 80 3d c0 30 ad 01 00 75 a0 c6 05 b7 30 ad 01 01 90 48 c7 c7 38 cc 7a 8c e8 cc 18 ad ff 90 \u003c0f\u003e 0b 90 90 c3 cc cc cc cc 80 3d 98 30 ad 01 00 0f 85 75 ff ff ff\n[ 41.510956] RSP: 0018:ffffbda3c026baf0 EFLAGS: 00010282\n[ 41.511368] RAX: 0000000000000000 RBX: ffff9e9c46914800 RCX: 0000000000000000\n[ 41.511910] RDX: ffff9e9c7ec29c00 RSI: ffff9e9c7ec1c900 RDI: ffff9e9c7ec1c900\n[ 41.512445] RBP: ffff9e9c43660c9c R08: 0000000000009ffb R09: 00000000ffffdfff\n[ 41.512998] R10: 00000000ffffdfff R11: ffffffff8ca58a40 R12: ffff9e9c4339a000\n[ 41.513534] R13: 0000000000000001 R14: ffff9e9c438a0000 R15: ffffbda3c026bb48\n[ 41.514086] FS: 00007fbc4cda1740(0000) GS:ffff9e9c7ec00000(0000) knlGS:0000000000000000\n[ 41.514726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 41.515176] CR2: 000056233b337d88 CR3: 000000000376e006 CR4: 0000000000370ef0\n[ 41.515713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 41.516252] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 41.516799] Call Trace:\n[ 41.517037] \u003cTASK\u003e\n[ 41.517249] ? __warn+0x7b/0x120\n[ 41.517535] ? refcount_warn_saturate+0xa5/0x130\n[ 41.517923] ? report_bug+0x164/0x190\n[ 41.518240] ? handle_bug+0x3d/0x70\n[ 41.518541] ? exc_invalid_op+0x17/0x70\n[ 41.520972] ? asm_exc_invalid_op+0x1a/0x20\n[ 41.521325] ? refcount_warn_saturate+0xa5/0x130\n[ 41.521708] ipv6_get_ifaddr+0xda/0xe0\n[ 41.522035] inet6_rtm_getaddr+0x342/0x3f0\n[ 41.522376] ? __pfx_inet6_rtm_getaddr+0x10/0x10\n[ 41.522758] rtnetlink_rcv_msg+0x334/0x3d0\n[ 41.523102] ? netlink_unicast+0x30f/0x390\n[ 41.523445] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n[ 41.523832] netlink_rcv_skb+0x53/0x100\n[ 41.524157] netlink_unicast+0x23b/0x390\n[ 41.524484] netlink_sendmsg+0x1f2/0x440\n[ 41.524826] __sys_sendto+0x1d8/0x1f0\n[ 41.525145] __x64_sys_sendto+0x1f/0x30\n[ 41.525467] do_syscall_64+0xa5/0x1b0\n[ 41.525794] entry_SYSCALL_64_after_hwframe+0x72/0x7a\n[ 41.526213] RIP: 0033:0x7fbc4cfcea9a\n[ 41.526528] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89\n[ 41.527942] RSP: 002b:00007f\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35969",
"url": "https://www.suse.com/security/cve/CVE-2024-35969"
},
{
"category": "external",
"summary": "SUSE Bug 1224580 for CVE-2024-35969",
"url": "https://bugzilla.suse.com/1224580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Avoid infinite loop trying to resize local TT\n\nIf the MTU of one of an attached interface becomes too small to transmit\nthe local translation table then it must be resized to fit inside all\nfragments (when enabled) or a single packet.\n\nBut if the MTU becomes too low to transmit even the header + the VLAN\nspecific part then the resizing of the local TT will never succeed. This\ncan for example happen when the usable space is 110 bytes and 11 VLANs are\non top of batman-adv. In this case, at least 116 byte would be needed.\nThere will just be an endless spam of\n\n batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110)\n\nin the log but the function will never finish. Problem here is that the\ntimeout will be halved all the time and will then stagnate at 0 and\ntherefore never be able to reduce the table even more.\n\nThere are other scenarios possible with a similar result. The number of\nBATADV_TT_CLIENT_NOPURGE entries in the local TT can for example be too\nhigh to fit inside a packet. Such a scenario can therefore happen also with\nonly a single VLAN + 7 non-purgable addresses - requiring at least 120\nbytes.\n\nWhile this should be handled proactively when:\n\n* interface with too low MTU is added\n* VLAN is added\n* non-purgeable local mac is added\n* MTU of an attached interface is reduced\n* fragmentation setting gets disabled (which most likely requires dropping\n attached interfaces)\n\nnot all of these scenarios can be prevented because batman-adv is only\nconsuming events without the the possibility to prevent these actions\n(non-purgable MAC address added, MTU of an attached interface is reduced).\nIt is therefore necessary to also make sure that the code is able to handle\nalso the situations when there were already incompatible system\nconfiguration are present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35982",
"url": "https://www.suse.com/security/cve/CVE-2024-35982"
},
{
"category": "external",
"summary": "SUSE Bug 1224566 for CVE-2024-35982",
"url": "https://bugzilla.suse.com/1224566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-35984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: smbus: fix NULL function pointer dereference\n\nBaruch reported an OOPS when using the designware controller as target\nonly. Target-only modes break the assumption of one transfer function\nalways being available. Fix this by always checking the pointer in\n__i2c_transfer.\n\n[wsa: dropped the simplification in core-smbus to avoid theoretical regressions]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35984",
"url": "https://www.suse.com/security/cve/CVE-2024-35984"
},
{
"category": "external",
"summary": "SUSE Bug 1224567 for CVE-2024-35984",
"url": "https://bugzilla.suse.com/1224567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35984"
},
{
"cve": "CVE-2024-36015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppdev: Add an error check in register_device\n\nIn register_device, the return value of ida_simple_get is unchecked,\nin witch ida_simple_get will use an invalid index value.\n\nTo address this issue, index should be checked after ida_simple_get. When\nthe index value is abnormal, a warning message should be printed, the port\nshould be dropped, and the value should be recorded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36015",
"url": "https://www.suse.com/security/cve/CVE-2024-36015"
},
{
"category": "external",
"summary": "SUSE Bug 1225640 for CVE-2024-36015",
"url": "https://bugzilla.suse.com/1225640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-36015"
},
{
"cve": "CVE-2024-36029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-msm: pervent access to suspended controller\n\nGeneric sdhci code registers LED device and uses host-\u003eruntime_suspended\nflag to protect access to it. The sdhci-msm driver doesn\u0027t set this flag,\nwhich causes a crash when LED is accessed while controller is runtime\nsuspended. Fix this by setting the flag correctly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36029",
"url": "https://www.suse.com/security/cve/CVE-2024-36029"
},
{
"category": "external",
"summary": "SUSE Bug 1225708 for CVE-2024-36029",
"url": "https://bugzilla.suse.com/1225708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-36029"
},
{
"cve": "CVE-2024-36954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36954",
"url": "https://www.suse.com/security/cve/CVE-2024-36954"
},
{
"category": "external",
"summary": "SUSE Bug 1225764 for CVE-2024-36954",
"url": "https://bugzilla.suse.com/1225764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.188.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.188.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T07:41:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-36954"
}
]
}
suse-su-2024:1983-1
Vulnerability from csaf_suse
Published
2024-06-11 10:56
Modified
2024-06-11 10:56
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2022-48686: Fix UAF when detecting digest errors (bsc#1223948).
- CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).
- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).
- CVE-2022-48697: Fix a use-after-free (bsc#1223922).
- CVE-2024-26846: Do not wait in vain when unloading module (bsc#1223023).
- CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)
- CVE-2023-42755: Check user supplied offsets (bsc#1215702).
- CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).
- CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).
- CVE-2021-47246: Fix page reclaim for dead peer hairpin (bsc#1224831).
- CVE-2023-52732: Blocklist the kclient when receiving corrupted snap trace (bsc#1225222).
- CVE-2024-35936: Add missing mutex_unlock in btrfs_relocate_sys_chunks() (bsc#1224644)
- CVE-2021-47548: Fixed a possible array out-of-bounds (bsc#1225506)
- CVE-2024-36029: Pervent access to suspended controller (bsc#1225708)
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2021-47352: Add validation for used length (bsc#1225124).
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)
- CVE-2021-47431: Fix gart.bo pin_count leak (bsc#1225390).
- CVE-2024-35935: Handle path ref underflow in header iterate_inode_ref() (bsc#1224645)
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2021-47423: Fix file release memory leak (bsc#1225366).
- CVE-2022-48710: Fix a possible null pointer dereference (bsc#1225230).
- CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).
- CVE-2024-35932: Do not check if plane->state->fb == state->fb (bsc#1224650).
- CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).
- CVE-2024-35809: Drain runtime-idle callbacks before driver removal (bsc#1224738).
- CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208).
- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
- CVE-2021-47509: Limit the period size to 16MB (bsc#1225409).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35982: Avoid infinite loop trying to resize local TT (bsc#1224566)
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2021-47277: Avoid speculation-based attacks from out-of-range memslot accesses (bsc#1224960).
- CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725).
- CVE-2021-47401: Fix stack information leak (bsc#1225242).
- CVE-2023-52867: Fix possible buffer overflow (bsc#1225009).
- CVE-2023-52821: Fix a possible null pointer dereference (bsc#1225022).
- CVE-2021-47265: Verify port when creating flow rule (bsc#1224957)
- CVE-2021-47362: Update intermediate power state for SI (bsc#1225153).
- CVE-2021-47361: Fix error handling in mcb_alloc_bus() (bsc#1225151).
- CVE-2023-52864: Fix opening of char device (bsc#1225132).
- CVE-2022-48708: Fix potential NULL dereference (bsc#1224942).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2021-47238: Fix memory leak in ip_mc_add1_src (bsc#1224847)
- CVE-2023-52730: Fix possible resource leaks in some error paths (bsc#1224956).
- CVE-2021-47355: Fix possible use-after-free in nicstar_cleanup() (bsc#1225141).
- CVE-2021-47245: Fix out of bounds when parsing TCP options (bsc#1224838)
- CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).
- CVE-2023-52747: Restore allocated resources on failed copyout (bsc#1224931)
- CVE-2021-47249: Fix memory leak in rds_recvmsg (bsc#1224880)
- CVE-2021-47397: Break out if skb_header_pointer returns NULL in sctp_rcv_ootb (bsc#1225082)
- CVE-2021-47250: Fix memory leak in netlbl_cipsov4_add_std (bsc#1224827)
- CVE-2024-35849: Fix information leak in btrfs_ioctl_logical_to_ino() (bsc#1224733).
- CVE-2024-27436: Stop parsing channels bits when all channels are found (bsc#1224803).
- CVE-2021-47281: Fix race of snd_seq_timer_open() (bsc#1224983).
- CVE-2024-35789: Clear fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35830: Register v4l2 async device only after successful setup (bsc#1224680).
- CVE-2021-47334: Fix two use after free in ibmasm_init_one (bsc#1225112).
- CVE-2021-47357: Fix possible use-after-free in ia_module_exit() (bsc#1225144).
- CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).
- CVE-2023-52865: Add check for mtk_alloc_clk_data (bsc#1225086).
- CVE-2024-35887: Fix use-after-free bugs caused by ax25_ds_del_timer (bzg#1224663)
- CVE-2021-47483: Fixed possible double-free in regcache_rbtree_exit() (bsc#1224907).
- CVE-2024-26957: Fix reference counting on zcrypt card objects (bsc#1223666).
- CVE-2023-52691: Fix a double-free in si_dpm_init (bsc#1224607).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
- CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).
- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
- CVE-2024-26984: Fix instmem race condition around ptr stores (bsc#1223633)
- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
- CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2022-48704: Add a force flush to delay work when radeon (bsc#1223932)
- CVE-2021-47206: Check return value after calling platform_get_resource() (bsc#1222894).
- CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)
- CVE-2024-26996: Fix UAF ncm object at re-bind after usb ep transport error (bsc#1223752).
- CVE-2024-26874: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (bsc#1223048)
- CVE-2022-48702: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (bsc#1223923).
- CVE-2022-48672: Fix off-by-one error in unflatten_dt_nodes() (bsc#1223931).
- CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
- CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2024-27008: Fix out of bounds access (bsc#1223802).
- CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119).
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
The following non-security bugs were fixed:
- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- assoc_array: Fix BUG_ON during garbage collect.
- autofs: fix a leak in autofs_expire_indirect() (git-fixes)
- Bluetooth: btusb: Some Qualcomm Bluetooth adapters stop working (git-fixes).
- btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit (git-fixes)
- btrfs: check if root is readonly while setting security xattr (git-fixes)
- btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (git-fixes)
- btrfs: do not get an EINTR during drop_snapshot for reloc (git-fixes)
- btrfs: do not stop integrity writeback too early (git-fixes)
- btrfs: Explicitly handle btrfs_update_root failure (git-fixes)
- btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP (git-fixes)
- btrfs: fix btrfs_prev_leaf() to not return the same key twice (git-fixes)
- btrfs: fix deadlock when writing out space cache (git-fixes)
- Btrfs: fix incorrect {node,sector}size endianness from BTRFS_IOC_FS_INFO (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix lost error handling when looking up extended ref on log replay (git-fixes)
- btrfs: Fix NULL pointer exception in find_bio_stripe (git-fixes)
- btrfs: Fix out of bounds access in btrfs_search_slot (git-fixes)
- btrfs: fix race when deleting quota root from the dirty cow roots list (git-fixes)
- btrfs: fix range_end calculation in extent_write_locked_range (git-fixes)
- btrfs: fix return value mixup in btrfs_get_extent (git-fixes)
- btrfs: fix unaligned access in readdir (git-fixes)
- btrfs: limit device extents to the device size (git-fixes)
- btrfs: prevent to set invalid default subvolid (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: scrub: reject unsupported scrub flags (git-fixes)
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: in case of IO error log it (git-fixes)
- btrfs: send: limit number of clones and allocated memory size (git-fixes)
- btrfs: sysfs: use NOFS for device creation (git-fixes) Adjustment: add #include
- btrfs: tree-checker: add missing return after error in root_item (git-fixes)
- btrfs: tree-checker: add missing returns after data_ref alignment checks (git-fixes)
- btrfs: tree-checker: do not error out if extent ref hash does not match (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: tree-checker: Fix misleading group system information (git-fixes)
- btrfs: undo writable superblocke when sprouting fails (git-fixes)
- btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl (git-fixes)
- ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() (git-fixes)
- ecryptfs: fix a memory leak bug in parse_tag_1_packet() (git-fixes)
- ecryptfs: fix kernel panic with null dev_name (git-fixes)
- ecryptfs: Fix typo in message (git-fixes)
- ep_create_wakeup_source(): dentry name can change under you (git-fixes)
- exportfs_decode_fh(): negative pinned may become positive without the parent locked (git-fixes)
- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes (git-fixes)
- fscrypt: clean up some BUG_ON()s in block encryption/decryption (git-fixes)
- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (git-fixes).
- ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1225059).
- l2tp: pass correct message length to ip6_append_data (git-fixes).
- lib/mpi: use kcalloc in mpi_resize (git-fixes).
- list: fix a data-race around ep->rdllist (git-fixes).
- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).
- net/smc: fix fallback failed while sendmsg with fastopen (git-fixes).
- net/tls: Remove the context from the list in tls_device_down (bsc#1221545).
- netfilter: nf_queue: augment nfqa_cfg_policy (git-fixes).
- netfilter: nft_compat: explicitly reject ERROR and standard target (git-fixes).
- netfilter: x_tables: set module owner for icmp(6) matches (git-fixes).
- nfc: change order inside nfc_se_io error path (git-fixes).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- ppdev: Add an error check in register_device (git-fixes).
- printk: Disable passing console lock owner completely during panic() (bsc#1197894).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1223969).
- rds: avoid unenecessary cong_update in loop transport (git-fixes).
- rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp (git-fixes).
- ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (bsc#1222893).
- rxrpc: Do not put crypto buffers on the stack (git-fixes).
- rxrpc: Fix a memory leak in rxkad_verify_response() (git-fixes).
- rxrpc: Provide a different lockdep key for call->user_mutex for kernel calls (git-fixes).
- rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing (git-fixes).
- rxrpc: Work around usercopy check (git-fixes).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224347).
- s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1225062).
- tcp: tcp_make_synack() can be called from process context (git-fixes).
- tls: Fix context leak on tls_device_down (bsc#1221545).
- tracing: Fix blocked reader of snapshot buffer (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tracing: Use strncpy instead of memcpy when copying comm in trace.c (git-fixes).
- tty/sysrq: replace smp_processor_id() with get_cpu() (bsc#1223540).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- wifi: cfg80211: avoid leaking stack data into trace (git-fixes).
- wifi: radiotap: fix kernel-doc notation warnings (git-fixes).
Patchnames
SUSE-2024-1983,SUSE-SLE-RT-12-SP5-2024-1983
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).\n- CVE-2022-48686: Fix UAF when detecting digest errors (bsc#1223948).\n- CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).\n- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).\n- CVE-2022-48697: Fix a use-after-free (bsc#1223922).\n- CVE-2024-26846: Do not wait in vain when unloading module (bsc#1223023).\n- CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)\n- CVE-2023-42755: Check user supplied offsets (bsc#1215702).\n- CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).\n- CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).\n- CVE-2021-47246: Fix page reclaim for dead peer hairpin (bsc#1224831).\n- CVE-2023-52732: Blocklist the kclient when receiving corrupted snap trace (bsc#1225222).\n- CVE-2024-35936: Add missing mutex_unlock in btrfs_relocate_sys_chunks() (bsc#1224644)\n- CVE-2021-47548: Fixed a possible array out-of-bounds (bsc#1225506)\n- CVE-2024-36029: Pervent access to suspended controller (bsc#1225708)\n- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)\n- CVE-2021-47352: Add validation for used length (bsc#1225124).\n- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)\n- CVE-2021-47431: Fix gart.bo pin_count leak (bsc#1225390).\n- CVE-2024-35935: Handle path ref underflow in header iterate_inode_ref() (bsc#1224645)\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).\n- CVE-2021-47423: Fix file release memory leak (bsc#1225366).\n- CVE-2022-48710: Fix a possible null pointer dereference (bsc#1225230).\n- CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).\n- CVE-2024-35932: Do not check if plane-\u003estate-\u003efb == state-\u003efb (bsc#1224650).\n- CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).\n- CVE-2024-35809: Drain runtime-idle callbacks before driver removal (bsc#1224738).\n- CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208).\n- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).\n- CVE-2021-47509: Limit the period size to 16MB (bsc#1225409).\n- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).\n- CVE-2024-35982: Avoid infinite loop trying to resize local TT (bsc#1224566)\n- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).\n- CVE-2021-47277: Avoid speculation-based attacks from out-of-range memslot accesses (bsc#1224960).\n- CVE-2024-35791: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region() (bsc#1224725).\n- CVE-2021-47401: Fix stack information leak (bsc#1225242).\n- CVE-2023-52867: Fix possible buffer overflow (bsc#1225009).\n- CVE-2023-52821: Fix a possible null pointer dereference (bsc#1225022).\n- CVE-2021-47265: Verify port when creating flow rule (bsc#1224957)\n- CVE-2021-47362: Update intermediate power state for SI (bsc#1225153).\n- CVE-2021-47361: Fix error handling in mcb_alloc_bus() (bsc#1225151).\n- CVE-2023-52864: Fix opening of char device (bsc#1225132).\n- CVE-2022-48708: Fix potential NULL dereference (bsc#1224942).\n- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).\n- CVE-2021-47238: Fix memory leak in ip_mc_add1_src (bsc#1224847)\n- CVE-2023-52730: Fix possible resource leaks in some error paths (bsc#1224956).\n- CVE-2021-47355: Fix possible use-after-free in nicstar_cleanup() (bsc#1225141).\n- CVE-2021-47245: Fix out of bounds when parsing TCP options (bsc#1224838)\n- CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).\n- CVE-2023-52747: Restore allocated resources on failed copyout (bsc#1224931)\n- CVE-2021-47249: Fix memory leak in rds_recvmsg (bsc#1224880)\n- CVE-2021-47397: Break out if skb_header_pointer returns NULL in sctp_rcv_ootb (bsc#1225082)\n- CVE-2021-47250: Fix memory leak in netlbl_cipsov4_add_std (bsc#1224827)\n- CVE-2024-35849: Fix information leak in btrfs_ioctl_logical_to_ino() (bsc#1224733).\n- CVE-2024-27436: Stop parsing channels bits when all channels are found (bsc#1224803).\n- CVE-2021-47281: Fix race of snd_seq_timer_open() (bsc#1224983).\n- CVE-2024-35789: Clear fast rx for non-4addr sta VLAN changes (bsc#1224749).\n- CVE-2024-35830: Register v4l2 async device only after successful setup (bsc#1224680).\n- CVE-2021-47334: Fix two use after free in ibmasm_init_one (bsc#1225112).\n- CVE-2021-47357: Fix possible use-after-free in ia_module_exit() (bsc#1225144).\n- CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).\n- CVE-2023-52865: Add check for mtk_alloc_clk_data (bsc#1225086).\n- CVE-2024-35887: Fix use-after-free bugs caused by ax25_ds_del_timer (bzg#1224663)\n- CVE-2021-47483: Fixed possible double-free in regcache_rbtree_exit() (bsc#1224907).\n- CVE-2024-26957: Fix reference counting on zcrypt card objects (bsc#1223666).\n- CVE-2023-52691: Fix a double-free in si_dpm_init (bsc#1224607).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).\n- CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).\n- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).\n- CVE-2024-26984: Fix instmem race condition around ptr stores (bsc#1223633)\n- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).\n- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).\n- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).\n- CVE-2024-26900: Fixed kmemleak of rdev-\u003eserial (bsc#1223046).\n- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).\n- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).\n- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).\n- CVE-2022-48704: Add a force flush to delay work when radeon (bsc#1223932)\n- CVE-2021-47206: Check return value after calling platform_get_resource() (bsc#1222894).\n- CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)\n- CVE-2024-26996: Fix UAF ncm object at re-bind after usb ep transport error (bsc#1223752).\n- CVE-2024-26874: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (bsc#1223048)\n- CVE-2022-48702: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (bsc#1223923).\n- CVE-2022-48672: Fix off-by-one error in unflatten_dt_nodes() (bsc#1223931).\n- CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).\n- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)\n- CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).\n- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).\n- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).\n- CVE-2024-27008: Fix out of bounds access (bsc#1223802).\n- CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119).\n- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).\n\nThe following non-security bugs were fixed:\n\n- af_unix: annote lockless accesses to unix_tot_inflight \u0026 gc_in_progress (bsc#1223384).\n- af_unix: Do not use atomic ops for unix_sk(sk)-\u003einflight (bsc#1223384).\n- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).\n- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).\n- assoc_array: Fix BUG_ON during garbage collect.\n- autofs: fix a leak in autofs_expire_indirect() (git-fixes)\n- Bluetooth: btusb: Some Qualcomm Bluetooth adapters stop working (git-fixes).\n- btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit (git-fixes)\n- btrfs: check if root is readonly while setting security xattr (git-fixes)\n- btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (git-fixes)\n- btrfs: do not get an EINTR during drop_snapshot for reloc (git-fixes)\n- btrfs: do not stop integrity writeback too early (git-fixes)\n- btrfs: Explicitly handle btrfs_update_root failure (git-fixes)\n- btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP (git-fixes)\n- btrfs: fix btrfs_prev_leaf() to not return the same key twice (git-fixes)\n- btrfs: fix deadlock when writing out space cache (git-fixes)\n- Btrfs: fix incorrect {node,sector}size endianness from BTRFS_IOC_FS_INFO (git-fixes)\n- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)\n- btrfs: fix lost error handling when looking up extended ref on log replay (git-fixes)\n- btrfs: Fix NULL pointer exception in find_bio_stripe (git-fixes)\n- btrfs: Fix out of bounds access in btrfs_search_slot (git-fixes)\n- btrfs: fix race when deleting quota root from the dirty cow roots list (git-fixes)\n- btrfs: fix range_end calculation in extent_write_locked_range (git-fixes)\n- btrfs: fix return value mixup in btrfs_get_extent (git-fixes)\n- btrfs: fix unaligned access in readdir (git-fixes)\n- btrfs: limit device extents to the device size (git-fixes)\n- btrfs: prevent to set invalid default subvolid (git-fixes)\n- btrfs: record delayed inode root in transaction (git-fixes)\n- btrfs: scrub: reject unsupported scrub flags (git-fixes)\n- btrfs: send: ensure send_fd is writable (git-fixes)\n- btrfs: send: in case of IO error log it (git-fixes)\n- btrfs: send: limit number of clones and allocated memory size (git-fixes)\n- btrfs: sysfs: use NOFS for device creation (git-fixes) Adjustment: add #include\n- btrfs: tree-checker: add missing return after error in root_item (git-fixes)\n- btrfs: tree-checker: add missing returns after data_ref alignment checks (git-fixes)\n- btrfs: tree-checker: do not error out if extent ref hash does not match (git-fixes)\n- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)\n- btrfs: tree-checker: Fix misleading group system information (git-fixes)\n- btrfs: undo writable superblocke when sprouting fails (git-fixes)\n- btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl (git-fixes)\n- ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() (git-fixes)\n- ecryptfs: fix a memory leak bug in parse_tag_1_packet() (git-fixes)\n- ecryptfs: fix kernel panic with null dev_name (git-fixes)\n- ecryptfs: Fix typo in message (git-fixes)\n- ep_create_wakeup_source(): dentry name can change under you (git-fixes)\n- exportfs_decode_fh(): negative pinned may become positive without the parent locked (git-fixes)\n- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes (git-fixes)\n- fscrypt: clean up some BUG_ON()s in block encryption/decryption (git-fixes)\n- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (git-fixes).\n- ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (git-fixes).\n- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).\n- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1225059).\n- l2tp: pass correct message length to ip6_append_data (git-fixes).\n- lib/mpi: use kcalloc in mpi_resize (git-fixes).\n- list: fix a data-race around ep-\u003erdllist (git-fixes).\n- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).\n- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).\n- net: usb: ax88179_178a: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: smsc95xx: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: sr9700: stop lying about skb-\u003etruesize (git-fixes).\n- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).\n- net/smc: fix fallback failed while sendmsg with fastopen (git-fixes).\n- net/tls: Remove the context from the list in tls_device_down (bsc#1221545).\n- netfilter: nf_queue: augment nfqa_cfg_policy (git-fixes).\n- netfilter: nft_compat: explicitly reject ERROR and standard target (git-fixes).\n- netfilter: x_tables: set module owner for icmp(6) matches (git-fixes).\n- nfc: change order inside nfc_se_io error path (git-fixes).\n- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).\n- ppdev: Add an error check in register_device (git-fixes).\n- printk: Disable passing console lock owner completely during panic() (bsc#1197894).\n- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1223969).\n- rds: avoid unenecessary cong_update in loop transport (git-fixes).\n- rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp (git-fixes).\n- ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).\n- ring-buffer: Fix a race between readers and resize checks (bsc#1222893).\n- rxrpc: Do not put crypto buffers on the stack (git-fixes).\n- rxrpc: Fix a memory leak in rxkad_verify_response() (git-fixes).\n- rxrpc: Provide a different lockdep key for call-\u003euser_mutex for kernel calls (git-fixes).\n- rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing (git-fixes).\n- rxrpc: Work around usercopy check (git-fixes).\n- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224347).\n- s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1225062).\n- tcp: tcp_make_synack() can be called from process context (git-fixes).\n- tls: Fix context leak on tls_device_down (bsc#1221545).\n- tracing: Fix blocked reader of snapshot buffer (git-fixes).\n- tracing: hide unused ftrace_event_id_fops (git-fixes).\n- tracing: Use .flush() call to wake up readers (git-fixes).\n- tracing: Use strncpy instead of memcpy when copying comm in trace.c (git-fixes).\n- tty/sysrq: replace smp_processor_id() with get_cpu() (bsc#1223540).\n- usb: aqc111: stop lying about skb-\u003etruesize (git-fixes).\n- wifi: cfg80211: avoid leaking stack data into trace (git-fixes).\n- wifi: radiotap: fix kernel-doc notation warnings (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1983,SUSE-SLE-RT-12-SP5-2024-1983",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1983-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1983-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241983-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1983-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-June/035554.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1101816",
"url": "https://bugzilla.suse.com/1101816"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1181674",
"url": "https://bugzilla.suse.com/1181674"
},
{
"category": "self",
"summary": "SUSE Bug 1185902",
"url": "https://bugzilla.suse.com/1185902"
},
{
"category": "self",
"summary": "SUSE Bug 1187716",
"url": "https://bugzilla.suse.com/1187716"
},
{
"category": "self",
"summary": "SUSE Bug 1188616",
"url": "https://bugzilla.suse.com/1188616"
},
{
"category": "self",
"summary": "SUSE Bug 1190317",
"url": "https://bugzilla.suse.com/1190317"
},
{
"category": "self",
"summary": "SUSE Bug 1190795",
"url": "https://bugzilla.suse.com/1190795"
},
{
"category": "self",
"summary": "SUSE Bug 1191452",
"url": "https://bugzilla.suse.com/1191452"
},
{
"category": "self",
"summary": "SUSE Bug 1194591",
"url": "https://bugzilla.suse.com/1194591"
},
{
"category": "self",
"summary": "SUSE Bug 1197760",
"url": "https://bugzilla.suse.com/1197760"
},
{
"category": "self",
"summary": "SUSE Bug 1197894",
"url": "https://bugzilla.suse.com/1197894"
},
{
"category": "self",
"summary": "SUSE Bug 1203935",
"url": "https://bugzilla.suse.com/1203935"
},
{
"category": "self",
"summary": "SUSE Bug 1206213",
"url": "https://bugzilla.suse.com/1206213"
},
{
"category": "self",
"summary": "SUSE Bug 1206646",
"url": "https://bugzilla.suse.com/1206646"
},
{
"category": "self",
"summary": "SUSE Bug 1207186",
"url": "https://bugzilla.suse.com/1207186"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1210335",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "self",
"summary": "SUSE Bug 1215702",
"url": "https://bugzilla.suse.com/1215702"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1217169",
"url": "https://bugzilla.suse.com/1217169"
},
{
"category": "self",
"summary": "SUSE Bug 1217519",
"url": "https://bugzilla.suse.com/1217519"
},
{
"category": "self",
"summary": "SUSE Bug 1218917",
"url": "https://bugzilla.suse.com/1218917"
},
{
"category": "self",
"summary": "SUSE Bug 1220487",
"url": "https://bugzilla.suse.com/1220487"
},
{
"category": "self",
"summary": "SUSE Bug 1220513",
"url": "https://bugzilla.suse.com/1220513"
},
{
"category": "self",
"summary": "SUSE Bug 1220854",
"url": "https://bugzilla.suse.com/1220854"
},
{
"category": "self",
"summary": "SUSE Bug 1220928",
"url": "https://bugzilla.suse.com/1220928"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221081",
"url": "https://bugzilla.suse.com/1221081"
},
{
"category": "self",
"summary": "SUSE Bug 1221086",
"url": "https://bugzilla.suse.com/1221086"
},
{
"category": "self",
"summary": "SUSE Bug 1221543",
"url": "https://bugzilla.suse.com/1221543"
},
{
"category": "self",
"summary": "SUSE Bug 1221545",
"url": "https://bugzilla.suse.com/1221545"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1221994",
"url": "https://bugzilla.suse.com/1221994"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222627",
"url": "https://bugzilla.suse.com/1222627"
},
{
"category": "self",
"summary": "SUSE Bug 1222667",
"url": "https://bugzilla.suse.com/1222667"
},
{
"category": "self",
"summary": "SUSE Bug 1222671",
"url": "https://bugzilla.suse.com/1222671"
},
{
"category": "self",
"summary": "SUSE Bug 1222793",
"url": "https://bugzilla.suse.com/1222793"
},
{
"category": "self",
"summary": "SUSE Bug 1222893",
"url": "https://bugzilla.suse.com/1222893"
},
{
"category": "self",
"summary": "SUSE Bug 1222894",
"url": "https://bugzilla.suse.com/1222894"
},
{
"category": "self",
"summary": "SUSE Bug 1223023",
"url": "https://bugzilla.suse.com/1223023"
},
{
"category": "self",
"summary": "SUSE Bug 1223046",
"url": "https://bugzilla.suse.com/1223046"
},
{
"category": "self",
"summary": "SUSE Bug 1223048",
"url": "https://bugzilla.suse.com/1223048"
},
{
"category": "self",
"summary": "SUSE Bug 1223084",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "self",
"summary": "SUSE Bug 1223119",
"url": "https://bugzilla.suse.com/1223119"
},
{
"category": "self",
"summary": "SUSE Bug 1223138",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "self",
"summary": "SUSE Bug 1223207",
"url": "https://bugzilla.suse.com/1223207"
},
{
"category": "self",
"summary": "SUSE Bug 1223360",
"url": "https://bugzilla.suse.com/1223360"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223432",
"url": "https://bugzilla.suse.com/1223432"
},
{
"category": "self",
"summary": "SUSE Bug 1223509",
"url": "https://bugzilla.suse.com/1223509"
},
{
"category": "self",
"summary": "SUSE Bug 1223512",
"url": "https://bugzilla.suse.com/1223512"
},
{
"category": "self",
"summary": "SUSE Bug 1223539",
"url": "https://bugzilla.suse.com/1223539"
},
{
"category": "self",
"summary": "SUSE Bug 1223540",
"url": "https://bugzilla.suse.com/1223540"
},
{
"category": "self",
"summary": "SUSE Bug 1223626",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "self",
"summary": "SUSE Bug 1223627",
"url": "https://bugzilla.suse.com/1223627"
},
{
"category": "self",
"summary": "SUSE Bug 1223633",
"url": "https://bugzilla.suse.com/1223633"
},
{
"category": "self",
"summary": "SUSE Bug 1223653",
"url": "https://bugzilla.suse.com/1223653"
},
{
"category": "self",
"summary": "SUSE Bug 1223666",
"url": "https://bugzilla.suse.com/1223666"
},
{
"category": "self",
"summary": "SUSE Bug 1223671",
"url": "https://bugzilla.suse.com/1223671"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223715",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "self",
"summary": "SUSE Bug 1223738",
"url": "https://bugzilla.suse.com/1223738"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223752",
"url": "https://bugzilla.suse.com/1223752"
},
{
"category": "self",
"summary": "SUSE Bug 1223802",
"url": "https://bugzilla.suse.com/1223802"
},
{
"category": "self",
"summary": "SUSE Bug 1223819",
"url": "https://bugzilla.suse.com/1223819"
},
{
"category": "self",
"summary": "SUSE Bug 1223834",
"url": "https://bugzilla.suse.com/1223834"
},
{
"category": "self",
"summary": "SUSE Bug 1223922",
"url": "https://bugzilla.suse.com/1223922"
},
{
"category": "self",
"summary": "SUSE Bug 1223923",
"url": "https://bugzilla.suse.com/1223923"
},
{
"category": "self",
"summary": "SUSE Bug 1223931",
"url": "https://bugzilla.suse.com/1223931"
},
{
"category": "self",
"summary": "SUSE Bug 1223932",
"url": "https://bugzilla.suse.com/1223932"
},
{
"category": "self",
"summary": "SUSE Bug 1223948",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "self",
"summary": "SUSE Bug 1223969",
"url": "https://bugzilla.suse.com/1223969"
},
{
"category": "self",
"summary": "SUSE Bug 1224096",
"url": "https://bugzilla.suse.com/1224096"
},
{
"category": "self",
"summary": "SUSE Bug 1224174",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "self",
"summary": "SUSE Bug 1224181",
"url": "https://bugzilla.suse.com/1224181"
},
{
"category": "self",
"summary": "SUSE Bug 1224347",
"url": "https://bugzilla.suse.com/1224347"
},
{
"category": "self",
"summary": "SUSE Bug 1224482",
"url": "https://bugzilla.suse.com/1224482"
},
{
"category": "self",
"summary": "SUSE Bug 1224511",
"url": "https://bugzilla.suse.com/1224511"
},
{
"category": "self",
"summary": "SUSE Bug 1224525",
"url": "https://bugzilla.suse.com/1224525"
},
{
"category": "self",
"summary": "SUSE Bug 1224566",
"url": "https://bugzilla.suse.com/1224566"
},
{
"category": "self",
"summary": "SUSE Bug 1224580",
"url": "https://bugzilla.suse.com/1224580"
},
{
"category": "self",
"summary": "SUSE Bug 1224592",
"url": "https://bugzilla.suse.com/1224592"
},
{
"category": "self",
"summary": "SUSE Bug 1224601",
"url": "https://bugzilla.suse.com/1224601"
},
{
"category": "self",
"summary": "SUSE Bug 1224607",
"url": "https://bugzilla.suse.com/1224607"
},
{
"category": "self",
"summary": "SUSE Bug 1224621",
"url": "https://bugzilla.suse.com/1224621"
},
{
"category": "self",
"summary": "SUSE Bug 1224644",
"url": "https://bugzilla.suse.com/1224644"
},
{
"category": "self",
"summary": "SUSE Bug 1224645",
"url": "https://bugzilla.suse.com/1224645"
},
{
"category": "self",
"summary": "SUSE Bug 1224648",
"url": "https://bugzilla.suse.com/1224648"
},
{
"category": "self",
"summary": "SUSE Bug 1224650",
"url": "https://bugzilla.suse.com/1224650"
},
{
"category": "self",
"summary": "SUSE Bug 1224663",
"url": "https://bugzilla.suse.com/1224663"
},
{
"category": "self",
"summary": "SUSE Bug 1224671",
"url": "https://bugzilla.suse.com/1224671"
},
{
"category": "self",
"summary": "SUSE Bug 1224676",
"url": "https://bugzilla.suse.com/1224676"
},
{
"category": "self",
"summary": "SUSE Bug 1224680",
"url": "https://bugzilla.suse.com/1224680"
},
{
"category": "self",
"summary": "SUSE Bug 1224682",
"url": "https://bugzilla.suse.com/1224682"
},
{
"category": "self",
"summary": "SUSE Bug 1224725",
"url": "https://bugzilla.suse.com/1224725"
},
{
"category": "self",
"summary": "SUSE Bug 1224728",
"url": "https://bugzilla.suse.com/1224728"
},
{
"category": "self",
"summary": "SUSE Bug 1224733",
"url": "https://bugzilla.suse.com/1224733"
},
{
"category": "self",
"summary": "SUSE Bug 1224738",
"url": "https://bugzilla.suse.com/1224738"
},
{
"category": "self",
"summary": "SUSE Bug 1224747",
"url": "https://bugzilla.suse.com/1224747"
},
{
"category": "self",
"summary": "SUSE Bug 1224749",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "self",
"summary": "SUSE Bug 1224759",
"url": "https://bugzilla.suse.com/1224759"
},
{
"category": "self",
"summary": "SUSE Bug 1224803",
"url": "https://bugzilla.suse.com/1224803"
},
{
"category": "self",
"summary": "SUSE Bug 1224827",
"url": "https://bugzilla.suse.com/1224827"
},
{
"category": "self",
"summary": "SUSE Bug 1224830",
"url": "https://bugzilla.suse.com/1224830"
},
{
"category": "self",
"summary": "SUSE Bug 1224831",
"url": "https://bugzilla.suse.com/1224831"
},
{
"category": "self",
"summary": "SUSE Bug 1224834",
"url": "https://bugzilla.suse.com/1224834"
},
{
"category": "self",
"summary": "SUSE Bug 1224838",
"url": "https://bugzilla.suse.com/1224838"
},
{
"category": "self",
"summary": "SUSE Bug 1224841",
"url": "https://bugzilla.suse.com/1224841"
},
{
"category": "self",
"summary": "SUSE Bug 1224844",
"url": "https://bugzilla.suse.com/1224844"
},
{
"category": "self",
"summary": "SUSE Bug 1224846",
"url": "https://bugzilla.suse.com/1224846"
},
{
"category": "self",
"summary": "SUSE Bug 1224847",
"url": "https://bugzilla.suse.com/1224847"
},
{
"category": "self",
"summary": "SUSE Bug 1224849",
"url": "https://bugzilla.suse.com/1224849"
},
{
"category": "self",
"summary": "SUSE Bug 1224854",
"url": "https://bugzilla.suse.com/1224854"
},
{
"category": "self",
"summary": "SUSE Bug 1224859",
"url": "https://bugzilla.suse.com/1224859"
},
{
"category": "self",
"summary": "SUSE Bug 1224867",
"url": "https://bugzilla.suse.com/1224867"
},
{
"category": "self",
"summary": "SUSE Bug 1224880",
"url": "https://bugzilla.suse.com/1224880"
},
{
"category": "self",
"summary": "SUSE Bug 1224882",
"url": "https://bugzilla.suse.com/1224882"
},
{
"category": "self",
"summary": "SUSE Bug 1224888",
"url": "https://bugzilla.suse.com/1224888"
},
{
"category": "self",
"summary": "SUSE Bug 1224889",
"url": "https://bugzilla.suse.com/1224889"
},
{
"category": "self",
"summary": "SUSE Bug 1224892",
"url": "https://bugzilla.suse.com/1224892"
},
{
"category": "self",
"summary": "SUSE Bug 1224893",
"url": "https://bugzilla.suse.com/1224893"
},
{
"category": "self",
"summary": "SUSE Bug 1224899",
"url": "https://bugzilla.suse.com/1224899"
},
{
"category": "self",
"summary": "SUSE Bug 1224904",
"url": "https://bugzilla.suse.com/1224904"
},
{
"category": "self",
"summary": "SUSE Bug 1224907",
"url": "https://bugzilla.suse.com/1224907"
},
{
"category": "self",
"summary": "SUSE Bug 1224916",
"url": "https://bugzilla.suse.com/1224916"
},
{
"category": "self",
"summary": "SUSE Bug 1224917",
"url": "https://bugzilla.suse.com/1224917"
},
{
"category": "self",
"summary": "SUSE Bug 1224922",
"url": "https://bugzilla.suse.com/1224922"
},
{
"category": "self",
"summary": "SUSE Bug 1224926",
"url": "https://bugzilla.suse.com/1224926"
},
{
"category": "self",
"summary": "SUSE Bug 1224930",
"url": "https://bugzilla.suse.com/1224930"
},
{
"category": "self",
"summary": "SUSE Bug 1224931",
"url": "https://bugzilla.suse.com/1224931"
},
{
"category": "self",
"summary": "SUSE Bug 1224942",
"url": "https://bugzilla.suse.com/1224942"
},
{
"category": "self",
"summary": "SUSE Bug 1224954",
"url": "https://bugzilla.suse.com/1224954"
},
{
"category": "self",
"summary": "SUSE Bug 1224956",
"url": "https://bugzilla.suse.com/1224956"
},
{
"category": "self",
"summary": "SUSE Bug 1224957",
"url": "https://bugzilla.suse.com/1224957"
},
{
"category": "self",
"summary": "SUSE Bug 1224959",
"url": "https://bugzilla.suse.com/1224959"
},
{
"category": "self",
"summary": "SUSE Bug 1224960",
"url": "https://bugzilla.suse.com/1224960"
},
{
"category": "self",
"summary": "SUSE Bug 1224961",
"url": "https://bugzilla.suse.com/1224961"
},
{
"category": "self",
"summary": "SUSE Bug 1224963",
"url": "https://bugzilla.suse.com/1224963"
},
{
"category": "self",
"summary": "SUSE Bug 1224966",
"url": "https://bugzilla.suse.com/1224966"
},
{
"category": "self",
"summary": "SUSE Bug 1224968",
"url": "https://bugzilla.suse.com/1224968"
},
{
"category": "self",
"summary": "SUSE Bug 1224981",
"url": "https://bugzilla.suse.com/1224981"
},
{
"category": "self",
"summary": "SUSE Bug 1224982",
"url": "https://bugzilla.suse.com/1224982"
},
{
"category": "self",
"summary": "SUSE Bug 1224983",
"url": "https://bugzilla.suse.com/1224983"
},
{
"category": "self",
"summary": "SUSE Bug 1224987",
"url": "https://bugzilla.suse.com/1224987"
},
{
"category": "self",
"summary": "SUSE Bug 1224990",
"url": "https://bugzilla.suse.com/1224990"
},
{
"category": "self",
"summary": "SUSE Bug 1224996",
"url": "https://bugzilla.suse.com/1224996"
},
{
"category": "self",
"summary": "SUSE Bug 1225008",
"url": "https://bugzilla.suse.com/1225008"
},
{
"category": "self",
"summary": "SUSE Bug 1225009",
"url": "https://bugzilla.suse.com/1225009"
},
{
"category": "self",
"summary": "SUSE Bug 1225010",
"url": "https://bugzilla.suse.com/1225010"
},
{
"category": "self",
"summary": "SUSE Bug 1225022",
"url": "https://bugzilla.suse.com/1225022"
},
{
"category": "self",
"summary": "SUSE Bug 1225026",
"url": "https://bugzilla.suse.com/1225026"
},
{
"category": "self",
"summary": "SUSE Bug 1225030",
"url": "https://bugzilla.suse.com/1225030"
},
{
"category": "self",
"summary": "SUSE Bug 1225054",
"url": "https://bugzilla.suse.com/1225054"
},
{
"category": "self",
"summary": "SUSE Bug 1225058",
"url": "https://bugzilla.suse.com/1225058"
},
{
"category": "self",
"summary": "SUSE Bug 1225059",
"url": "https://bugzilla.suse.com/1225059"
},
{
"category": "self",
"summary": "SUSE Bug 1225060",
"url": "https://bugzilla.suse.com/1225060"
},
{
"category": "self",
"summary": "SUSE Bug 1225062",
"url": "https://bugzilla.suse.com/1225062"
},
{
"category": "self",
"summary": "SUSE Bug 1225082",
"url": "https://bugzilla.suse.com/1225082"
},
{
"category": "self",
"summary": "SUSE Bug 1225084",
"url": "https://bugzilla.suse.com/1225084"
},
{
"category": "self",
"summary": "SUSE Bug 1225086",
"url": "https://bugzilla.suse.com/1225086"
},
{
"category": "self",
"summary": "SUSE Bug 1225092",
"url": "https://bugzilla.suse.com/1225092"
},
{
"category": "self",
"summary": "SUSE Bug 1225096",
"url": "https://bugzilla.suse.com/1225096"
},
{
"category": "self",
"summary": "SUSE Bug 1225112",
"url": "https://bugzilla.suse.com/1225112"
},
{
"category": "self",
"summary": "SUSE Bug 1225124",
"url": "https://bugzilla.suse.com/1225124"
},
{
"category": "self",
"summary": "SUSE Bug 1225128",
"url": "https://bugzilla.suse.com/1225128"
},
{
"category": "self",
"summary": "SUSE Bug 1225132",
"url": "https://bugzilla.suse.com/1225132"
},
{
"category": "self",
"summary": "SUSE Bug 1225141",
"url": "https://bugzilla.suse.com/1225141"
},
{
"category": "self",
"summary": "SUSE Bug 1225143",
"url": "https://bugzilla.suse.com/1225143"
},
{
"category": "self",
"summary": "SUSE Bug 1225144",
"url": "https://bugzilla.suse.com/1225144"
},
{
"category": "self",
"summary": "SUSE Bug 1225151",
"url": "https://bugzilla.suse.com/1225151"
},
{
"category": "self",
"summary": "SUSE Bug 1225153",
"url": "https://bugzilla.suse.com/1225153"
},
{
"category": "self",
"summary": "SUSE Bug 1225155",
"url": "https://bugzilla.suse.com/1225155"
},
{
"category": "self",
"summary": "SUSE Bug 1225157",
"url": "https://bugzilla.suse.com/1225157"
},
{
"category": "self",
"summary": "SUSE Bug 1225164",
"url": "https://bugzilla.suse.com/1225164"
},
{
"category": "self",
"summary": "SUSE Bug 1225177",
"url": "https://bugzilla.suse.com/1225177"
},
{
"category": "self",
"summary": "SUSE Bug 1225189",
"url": "https://bugzilla.suse.com/1225189"
},
{
"category": "self",
"summary": "SUSE Bug 1225192",
"url": "https://bugzilla.suse.com/1225192"
},
{
"category": "self",
"summary": "SUSE Bug 1225193",
"url": "https://bugzilla.suse.com/1225193"
},
{
"category": "self",
"summary": "SUSE Bug 1225198",
"url": "https://bugzilla.suse.com/1225198"
},
{
"category": "self",
"summary": "SUSE Bug 1225201",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "self",
"summary": "SUSE Bug 1225207",
"url": "https://bugzilla.suse.com/1225207"
},
{
"category": "self",
"summary": "SUSE Bug 1225208",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "self",
"summary": "SUSE Bug 1225222",
"url": "https://bugzilla.suse.com/1225222"
},
{
"category": "self",
"summary": "SUSE Bug 1225230",
"url": "https://bugzilla.suse.com/1225230"
},
{
"category": "self",
"summary": "SUSE Bug 1225242",
"url": "https://bugzilla.suse.com/1225242"
},
{
"category": "self",
"summary": "SUSE Bug 1225244",
"url": "https://bugzilla.suse.com/1225244"
},
{
"category": "self",
"summary": "SUSE Bug 1225247",
"url": "https://bugzilla.suse.com/1225247"
},
{
"category": "self",
"summary": "SUSE Bug 1225251",
"url": "https://bugzilla.suse.com/1225251"
},
{
"category": "self",
"summary": "SUSE Bug 1225252",
"url": "https://bugzilla.suse.com/1225252"
},
{
"category": "self",
"summary": "SUSE Bug 1225256",
"url": "https://bugzilla.suse.com/1225256"
},
{
"category": "self",
"summary": "SUSE Bug 1225303",
"url": "https://bugzilla.suse.com/1225303"
},
{
"category": "self",
"summary": "SUSE Bug 1225318",
"url": "https://bugzilla.suse.com/1225318"
},
{
"category": "self",
"summary": "SUSE Bug 1225322",
"url": "https://bugzilla.suse.com/1225322"
},
{
"category": "self",
"summary": "SUSE Bug 1225329",
"url": "https://bugzilla.suse.com/1225329"
},
{
"category": "self",
"summary": "SUSE Bug 1225330",
"url": "https://bugzilla.suse.com/1225330"
},
{
"category": "self",
"summary": "SUSE Bug 1225336",
"url": "https://bugzilla.suse.com/1225336"
},
{
"category": "self",
"summary": "SUSE Bug 1225347",
"url": "https://bugzilla.suse.com/1225347"
},
{
"category": "self",
"summary": "SUSE Bug 1225351",
"url": "https://bugzilla.suse.com/1225351"
},
{
"category": "self",
"summary": "SUSE Bug 1225354",
"url": "https://bugzilla.suse.com/1225354"
},
{
"category": "self",
"summary": "SUSE Bug 1225355",
"url": "https://bugzilla.suse.com/1225355"
},
{
"category": "self",
"summary": "SUSE Bug 1225360",
"url": "https://bugzilla.suse.com/1225360"
},
{
"category": "self",
"summary": "SUSE Bug 1225366",
"url": "https://bugzilla.suse.com/1225366"
},
{
"category": "self",
"summary": "SUSE Bug 1225367",
"url": "https://bugzilla.suse.com/1225367"
},
{
"category": "self",
"summary": "SUSE Bug 1225384",
"url": "https://bugzilla.suse.com/1225384"
},
{
"category": "self",
"summary": "SUSE Bug 1225390",
"url": "https://bugzilla.suse.com/1225390"
},
{
"category": "self",
"summary": "SUSE Bug 1225404",
"url": "https://bugzilla.suse.com/1225404"
},
{
"category": "self",
"summary": "SUSE Bug 1225409",
"url": "https://bugzilla.suse.com/1225409"
},
{
"category": "self",
"summary": "SUSE Bug 1225411",
"url": "https://bugzilla.suse.com/1225411"
},
{
"category": "self",
"summary": "SUSE Bug 1225438",
"url": "https://bugzilla.suse.com/1225438"
},
{
"category": "self",
"summary": "SUSE Bug 1225453",
"url": "https://bugzilla.suse.com/1225453"
},
{
"category": "self",
"summary": "SUSE Bug 1225479",
"url": "https://bugzilla.suse.com/1225479"
},
{
"category": "self",
"summary": "SUSE Bug 1225482",
"url": "https://bugzilla.suse.com/1225482"
},
{
"category": "self",
"summary": "SUSE Bug 1225506",
"url": "https://bugzilla.suse.com/1225506"
},
{
"category": "self",
"summary": "SUSE Bug 1225549",
"url": "https://bugzilla.suse.com/1225549"
},
{
"category": "self",
"summary": "SUSE Bug 1225560",
"url": "https://bugzilla.suse.com/1225560"
},
{
"category": "self",
"summary": "SUSE Bug 1225572",
"url": "https://bugzilla.suse.com/1225572"
},
{
"category": "self",
"summary": "SUSE Bug 1225640",
"url": "https://bugzilla.suse.com/1225640"
},
{
"category": "self",
"summary": "SUSE Bug 1225708",
"url": "https://bugzilla.suse.com/1225708"
},
{
"category": "self",
"summary": "SUSE Bug 1225764",
"url": "https://bugzilla.suse.com/1225764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46933 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46955 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47074 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47113 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47131 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47171 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47188 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47206 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47220 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47229 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47231 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47235 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47236 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47237 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47238 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47239 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47245 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47246 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47248 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47249 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47250 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47252 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47254 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47258 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47260 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47261 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47265 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47269 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47274 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47276 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47277 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47280 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47281 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47284 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47285 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47288 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47301 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47302 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47305 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47307 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47308 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47310 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47311 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47314 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47315 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47319 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47320 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47321 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47323 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47324 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47330 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47330/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47334 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47334/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47337 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47344 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47345 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47347 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47352 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47353 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47355 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47356 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47357 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47361 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47362 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47369 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47378 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47382 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47382/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47383 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47391 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47397 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47400 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47401 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47404 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47409 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47416 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47423 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47423/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47424 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47431 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47435 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47436 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47456 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47458 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47460 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47469 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47472 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47473 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47478 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47480 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47483 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47485 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47495 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47496 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47497 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47500 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47506 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47509 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47511 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47523 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47541 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47548 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47565 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48636 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48650 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48672 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48686 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48697 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48702 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48704 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48708 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48710 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1829 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-42755 page",
"url": "https://www.suse.com/security/cve/CVE-2023-42755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47233 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52527 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52586 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52646 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52655 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52664 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52685 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52686 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52691 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52696 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52698 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52703 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52730 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52732 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52741 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52742 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52747 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52759 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52774 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52781 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52796 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52803 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52821 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52875 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52880 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0639 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26625 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26752 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26846 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26874 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26876 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26920 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27396 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27401 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27419 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27436 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35809 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35811 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35830 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35849 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35877 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35887 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36954/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-06-11T10:56:58Z",
"generator": {
"date": "2024-06-11T10:56:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1983-1",
"initial_release_date": "2024-06-11T10:56:58Z",
"revision_history": [
{
"date": "2024-06-11T10:56:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.188.1.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.188.1.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.188.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.188.1.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.188.1.noarch",
"product_id": "kernel-source-rt-4.12.14-10.188.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.188.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.188.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.188.1.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.188.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.188.1.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.188.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.188.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.188.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.188.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.188.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.188.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.\n\nffs_data_clear is indirectly called from both ffs_fs_kill_sb and\nffs_ep0_release, so it ends up being called twice when userland closes ep0\nand then unmounts f_fs.\nIf userland provided an eventfd along with function\u0027s USB descriptors, it\nends up calling eventfd_ctx_put as many times, causing a refcount\nunderflow.\nNULL-ify ffs_eventfd to prevent these extraneous eventfd_ctx_put calls.\n\nAlso, set epfiles to NULL right after de-allocating it, for readability.\n\nFor completeness, ffs_data_clear actually ends up being called thrice, the\nlast call being before the whole ffs structure gets freed, so when this\nspecific sequence happens there is a second underflow happening (but not\nbeing reported):\n\n/sys/kernel/debug/tracing# modprobe usb_f_fs\n/sys/kernel/debug/tracing# echo ffs_data_clear \u003e set_ftrace_filter\n/sys/kernel/debug/tracing# echo function \u003e current_tracer\n/sys/kernel/debug/tracing# echo 1 \u003e tracing_on\n(setup gadget, run and kill function userland process, teardown gadget)\n/sys/kernel/debug/tracing# echo 0 \u003e tracing_on\n/sys/kernel/debug/tracing# cat trace\n smartcard-openp-436 [000] ..... 1946.208786: ffs_data_clear \u003c-ffs_data_closed\n smartcard-openp-431 [000] ..... 1946.279147: ffs_data_clear \u003c-ffs_data_closed\n smartcard-openp-431 [000] .n... 1946.905512: ffs_data_clear \u003c-ffs_data_put\n\nWarning output corresponding to above trace:\n[ 1946.284139] WARNING: CPU: 0 PID: 431 at lib/refcount.c:28 refcount_warn_saturate+0x110/0x15c\n[ 1946.293094] refcount_t: underflow; use-after-free.\n[ 1946.298164] Modules linked in: usb_f_ncm(E) u_ether(E) usb_f_fs(E) hci_uart(E) btqca(E) btrtl(E) btbcm(E) btintel(E) bluetooth(E) nls_ascii(E) nls_cp437(E) vfat(E) fat(E) bcm2835_v4l2(CE) bcm2835_mmal_vchiq(CE) videobuf2_vmalloc(E) videobuf2_memops(E) sha512_generic(E) videobuf2_v4l2(E) sha512_arm(E) videobuf2_common(E) videodev(E) cpufreq_dt(E) snd_bcm2835(CE) brcmfmac(E) mc(E) vc4(E) ctr(E) brcmutil(E) snd_soc_core(E) snd_pcm_dmaengine(E) drbg(E) snd_pcm(E) snd_timer(E) snd(E) soundcore(E) drm_kms_helper(E) cec(E) ansi_cprng(E) rc_core(E) syscopyarea(E) raspberrypi_cpufreq(E) sysfillrect(E) sysimgblt(E) cfg80211(E) max17040_battery(OE) raspberrypi_hwmon(E) fb_sys_fops(E) regmap_i2c(E) ecdh_generic(E) rfkill(E) ecc(E) bcm2835_rng(E) rng_core(E) vchiq(CE) leds_gpio(E) libcomposite(E) fuse(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) sdhci_iproc(E) sdhci_pltfm(E) sdhci(E)\n[ 1946.399633] CPU: 0 PID: 431 Comm: smartcard-openp Tainted: G C OE 5.15.0-1-rpi #1 Debian 5.15.3-1\n[ 1946.417950] Hardware name: BCM2835\n[ 1946.425442] Backtrace:\n[ 1946.432048] [\u003cc08d60a0\u003e] (dump_backtrace) from [\u003cc08d62ec\u003e] (show_stack+0x20/0x24)\n[ 1946.448226] r7:00000009 r6:0000001c r5:c04a948c r4:c0a64e2c\n[ 1946.458412] [\u003cc08d62cc\u003e] (show_stack) from [\u003cc08d9ae0\u003e] (dump_stack+0x28/0x30)\n[ 1946.470380] [\u003cc08d9ab8\u003e] (dump_stack) from [\u003cc0123500\u003e] (__warn+0xe8/0x154)\n[ 1946.482067] r5:c04a948c r4:c0a71dc8\n[ 1946.490184] [\u003cc0123418\u003e] (__warn) from [\u003cc08d6948\u003e] (warn_slowpath_fmt+0xa0/0xe4)\n[ 1946.506758] r7:00000009 r6:0000001c r5:c0a71dc8 r4:c0a71e04\n[ 1946.517070] [\u003cc08d68ac\u003e] (warn_slowpath_fmt) from [\u003cc04a948c\u003e] (refcount_warn_saturate+0x110/0x15c)\n[ 1946.535309] r8:c0100224 r7:c0dfcb84 r6:ffffffff r5:c3b84c00 r4:c24a17c0\n[ 1946.546708] [\u003cc04a937c\u003e] (refcount_warn_saturate) from [\u003cc0380134\u003e] (eventfd_ctx_put+0x48/0x74)\n[ 1946.564476] [\u003cc03800ec\u003e] (eventfd_ctx_put) from [\u003cbf5464e8\u003e] (ffs_data_clear+0xd0/0x118 [usb_f_fs])\n[ 1946.582664] r5:c3b84c00 r4:c2695b00\n[ 1946.590668] [\u003cbf546418\u003e] (ffs_data_clear [usb_f_fs]) from [\u003cbf547cc0\u003e] (ffs_data_closed+0x9c/0x150 [usb_f_fs])\n[ 1946.609608] r5:bf54d014 r4:c2695b00\n[ 1946.617522] [\u003cbf547c24\u003e] (ffs_data_closed [usb_f_fs]) from [\u003cbf547da0\u003e] (ffs_fs_kill_sb+0x2c/0x30 [usb_f_fs])\n[ 1946.636217] r7:c0dfcb\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46933",
"url": "https://www.suse.com/security/cve/CVE-2021-46933"
},
{
"category": "external",
"summary": "SUSE Bug 1220487 for CVE-2021-46933",
"url": "https://bugzilla.suse.com/1220487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-46933"
},
{
"cve": "CVE-2021-46955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix stack OOB read while fragmenting IPv4 packets\n\nrunning openvswitch on kernels built with KASAN, it\u0027s possible to see the\nfollowing splat while testing fragmentation of IPv4 packets:\n\n BUG: KASAN: stack-out-of-bounds in ip_do_fragment+0x1b03/0x1f60\n Read of size 1 at addr ffff888112fc713c by task handler2/1367\n\n CPU: 0 PID: 1367 Comm: handler2 Not tainted 5.12.0-rc6+ #418\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n Call Trace:\n dump_stack+0x92/0xc1\n print_address_description.constprop.7+0x1a/0x150\n kasan_report.cold.13+0x7f/0x111\n ip_do_fragment+0x1b03/0x1f60\n ovs_fragment+0x5bf/0x840 [openvswitch]\n do_execute_actions+0x1bd5/0x2400 [openvswitch]\n ovs_execute_actions+0xc8/0x3d0 [openvswitch]\n ovs_packet_cmd_execute+0xa39/0x1150 [openvswitch]\n genl_family_rcv_msg_doit.isra.15+0x227/0x2d0\n genl_rcv_msg+0x287/0x490\n netlink_rcv_skb+0x120/0x380\n genl_rcv+0x24/0x40\n netlink_unicast+0x439/0x630\n netlink_sendmsg+0x719/0xbf0\n sock_sendmsg+0xe2/0x110\n ____sys_sendmsg+0x5ba/0x890\n ___sys_sendmsg+0xe9/0x160\n __sys_sendmsg+0xd3/0x170\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f957079db07\n Code: c3 66 90 41 54 41 89 d4 55 48 89 f5 53 89 fb 48 83 ec 10 e8 eb ec ff ff 44 89 e2 48 89 ee 89 df 41 89 c0 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 24 ed ff ff 48\n RSP: 002b:00007f956ce35a50 EFLAGS: 00000293 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 00007f957079db07\n RDX: 0000000000000000 RSI: 00007f956ce35ae0 RDI: 0000000000000019\n RBP: 00007f956ce35ae0 R08: 0000000000000000 R09: 00007f9558006730\n R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\n R13: 00007f956ce37308 R14: 00007f956ce35f80 R15: 00007f956ce35ae0\n\n The buggy address belongs to the page:\n page:00000000af2a1d93 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112fc7\n flags: 0x17ffffc0000000()\n raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n addr ffff888112fc713c is located in stack of task handler2/1367 at offset 180 in frame:\n ovs_fragment+0x0/0x840 [openvswitch]\n\n this frame has 2 objects:\n [32, 144) \u0027ovs_dst\u0027\n [192, 424) \u0027ovs_rt\u0027\n\n Memory state around the buggy address:\n ffff888112fc7000: f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7080: 00 f1 f1 f1 f1 00 00 00 00 00 00 00 00 00 00 00\n \u003effff888112fc7100: 00 00 00 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00\n ^\n ffff888112fc7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7200: 00 00 00 00 00 00 f2 f2 f2 00 00 00 00 00 00 00\n\nfor IPv4 packets, ovs_fragment() uses a temporary struct dst_entry. Then,\nin the following call graph:\n\n ip_do_fragment()\n ip_skb_dst_mtu()\n ip_dst_mtu_maybe_forward()\n ip_mtu_locked()\n\nthe pointer to struct dst_entry is used as pointer to struct rtable: this\nturns the access to struct members like rt_mtu_locked into an OOB read in\nthe stack. Fix this changing the temporary variable used for IPv4 packets\nin ovs_fragment(), similarly to what is done for IPv6 few lines below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46955",
"url": "https://www.suse.com/security/cve/CVE-2021-46955"
},
{
"category": "external",
"summary": "SUSE Bug 1220513 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220513"
},
{
"category": "external",
"summary": "SUSE Bug 1220537 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-46955"
},
{
"cve": "CVE-2021-47074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-loop: fix memory leak in nvme_loop_create_ctrl()\n\nWhen creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl()\nfails, the loop ctrl should be freed before jumping to the \"out\" label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47074",
"url": "https://www.suse.com/security/cve/CVE-2021-47074"
},
{
"category": "external",
"summary": "SUSE Bug 1220854 for CVE-2021-47074",
"url": "https://bugzilla.suse.com/1220854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47074"
},
{
"cve": "CVE-2021-47113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: abort in rename_exchange if we fail to insert the second ref\n\nError injection stress uncovered a problem where we\u0027d leave a dangling\ninode ref if we failed during a rename_exchange. This happens because\nwe insert the inode ref for one side of the rename, and then for the\nother side. If this second inode ref insert fails we\u0027ll leave the first\none dangling and leave a corrupt file system behind. Fix this by\naborting if we did the insert for the first inode ref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47113",
"url": "https://www.suse.com/security/cve/CVE-2021-47113"
},
{
"category": "external",
"summary": "SUSE Bug 1221543 for CVE-2021-47113",
"url": "https://bugzilla.suse.com/1221543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47113"
},
{
"cve": "CVE-2021-47131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix use-after-free after the TLS device goes down and up\n\nWhen a netdev with active TLS offload goes down, tls_device_down is\ncalled to stop the offload and tear down the TLS context. However, the\nsocket stays alive, and it still points to the TLS context, which is now\ndeallocated. If a netdev goes up, while the connection is still active,\nand the data flow resumes after a number of TCP retransmissions, it will\nlead to a use-after-free of the TLS context.\n\nThis commit addresses this bug by keeping the context alive until its\nnormal destruction, and implements the necessary fallbacks, so that the\nconnection can resume in software (non-offloaded) kTLS mode.\n\nOn the TX side tls_sw_fallback is used to encrypt all packets. The RX\nside already has all the necessary fallbacks, because receiving\nnon-decrypted packets is supported. The thing needed on the RX side is\nto block resync requests, which are normally produced after receiving\nnon-decrypted packets.\n\nThe necessary synchronization is implemented for a graceful teardown:\nfirst the fallbacks are deployed, then the driver resources are released\n(it used to be possible to have a tls_dev_resync after tls_dev_del).\n\nA new flag called TLS_RX_DEV_DEGRADED is added to indicate the fallback\nmode. It\u0027s used to skip the RX resync logic completely, as it becomes\nuseless, and some objects may be released (for example, resync_async,\nwhich is allocated and freed by the driver).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47131",
"url": "https://www.suse.com/security/cve/CVE-2021-47131"
},
{
"category": "external",
"summary": "SUSE Bug 1221545 for CVE-2021-47131",
"url": "https://bugzilla.suse.com/1221545"
},
{
"category": "external",
"summary": "SUSE Bug 1222402 for CVE-2021-47131",
"url": "https://bugzilla.suse.com/1222402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47131"
},
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47171",
"url": "https://www.suse.com/security/cve/CVE-2021-47171"
},
{
"category": "external",
"summary": "SUSE Bug 1221994 for CVE-2021-47171",
"url": "https://bugzilla.suse.com/1221994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Improve SCSI abort handling\n\nThe following has been observed on a test setup:\n\nWARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c\nCall trace:\n ufshcd_queuecommand+0x468/0x65c\n scsi_send_eh_cmnd+0x224/0x6a0\n scsi_eh_test_devices+0x248/0x418\n scsi_eh_ready_devs+0xc34/0xe58\n scsi_error_handler+0x204/0x80c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nThat warning is triggered by the following statement:\n\n\tWARN_ON(lrbp-\u003ecmd);\n\nFix this warning by clearing lrbp-\u003ecmd from the abort handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47188",
"url": "https://www.suse.com/security/cve/CVE-2021-47188"
},
{
"category": "external",
"summary": "SUSE Bug 1222671 for CVE-2021-47188",
"url": "https://bugzilla.suse.com/1222671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: ohci-tmio: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47206",
"url": "https://www.suse.com/security/cve/CVE-2021-47206"
},
{
"category": "external",
"summary": "SUSE Bug 1222894 for CVE-2021-47206",
"url": "https://bugzilla.suse.com/1222894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47206"
},
{
"cve": "CVE-2021-47220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47220"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47220",
"url": "https://www.suse.com/security/cve/CVE-2021-47220"
},
{
"category": "external",
"summary": "SUSE Bug 1224859 for CVE-2021-47220",
"url": "https://bugzilla.suse.com/1224859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47220"
},
{
"cve": "CVE-2021-47229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: aardvark: Fix kernel panic during PIO transfer\n\nTrying to start a new PIO transfer by writing value 0 in PIO_START register\nwhen previous transfer has not yet completed (which is indicated by value 1\nin PIO_START) causes an External Abort on CPU, which results in kernel\npanic:\n\n SError Interrupt on CPU0, code 0xbf000002 -- SError\n Kernel panic - not syncing: Asynchronous SError Interrupt\n\nTo prevent kernel panic, it is required to reject a new PIO transfer when\nprevious one has not finished yet.\n\nIf previous PIO transfer is not finished yet, the kernel may issue a new\nPIO request only if the previous PIO transfer timed out.\n\nIn the past the root cause of this issue was incorrectly identified (as it\noften happens during link retraining or after link down event) and special\nhack was implemented in Trusted Firmware to catch all SError events in EL3,\nto ignore errors with code 0xbf000002 and not forwarding any other errors\nto kernel and instead throw panic from EL3 Trusted Firmware handler.\n\nLinks to discussion and patches about this issue:\nhttps://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=3c7dcdac5c50\nhttps://lore.kernel.org/linux-pci/20190316161243.29517-1-repk@triplefau.lt/\nhttps://lore.kernel.org/linux-pci/971be151d24312cc533989a64bd454b4@www.loen.fr/\nhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/1541\n\nBut the real cause was the fact that during link retraining or after link\ndown event the PIO transfer may take longer time, up to the 1.44s until it\ntimes out. This increased probability that a new PIO transfer would be\nissued by kernel while previous one has not finished yet.\n\nAfter applying this change into the kernel, it is possible to revert the\nmentioned TF-A hack and SError events do not have to be caught in TF-A EL3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47229",
"url": "https://www.suse.com/security/cve/CVE-2021-47229"
},
{
"category": "external",
"summary": "SUSE Bug 1224854 for CVE-2021-47229",
"url": "https://bugzilla.suse.com/1224854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47229"
},
{
"cve": "CVE-2021-47231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcba_usb: fix memory leak in mcba_usb\n\nSyzbot reported memory leak in SocketCAN driver for Microchip CAN BUS\nAnalyzer Tool. The problem was in unfreed usb_coherent.\n\nIn mcba_usb_start() 20 coherent buffers are allocated and there is\nnothing, that frees them:\n\n1) In callback function the urb is resubmitted and that\u0027s all\n2) In disconnect function urbs are simply killed, but URB_FREE_BUFFER\n is not set (see mcba_usb_start) and this flag cannot be used with\n coherent buffers.\n\nFail log:\n| [ 1354.053291][ T8413] mcba_usb 1-1:0.0 can0: device disconnected\n| [ 1367.059384][ T8420] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmem)\n\nSo, all allocated buffers should be freed with usb_free_coherent()\nexplicitly\n\nNOTE:\nThe same pattern for allocating and freeing coherent buffers\nis used in drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47231",
"url": "https://www.suse.com/security/cve/CVE-2021-47231"
},
{
"category": "external",
"summary": "SUSE Bug 1224849 for CVE-2021-47231",
"url": "https://bugzilla.suse.com/1224849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47231"
},
{
"cve": "CVE-2021-47235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47235"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: fix potential use-after-free in ec_bhf_remove\n\nstatic void ec_bhf_remove(struct pci_dev *dev)\n{\n...\n\tstruct ec_bhf_priv *priv = netdev_priv(net_dev);\n\n\tunregister_netdev(net_dev);\n\tfree_netdev(net_dev);\n\n\tpci_iounmap(dev, priv-\u003edma_io);\n\tpci_iounmap(dev, priv-\u003eio);\n...\n}\n\npriv is netdev private data, but it is used\nafter free_netdev(). It can cause use-after-free when accessing priv\npointer. So, fix it by moving free_netdev() after pci_iounmap()\ncalls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47235",
"url": "https://www.suse.com/security/cve/CVE-2021-47235"
},
{
"category": "external",
"summary": "SUSE Bug 1224844 for CVE-2021-47235",
"url": "https://bugzilla.suse.com/1224844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47235"
},
{
"cve": "CVE-2021-47236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47236"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: cdc_eem: fix tx fixup skb leak\n\nwhen usbnet transmit a skb, eem fixup it in eem_tx_fixup(),\nif skb_copy_expand() failed, it return NULL,\nusbnet_start_xmit() will have no chance to free original skb.\n\nfix it by free orginal skb in eem_tx_fixup() first,\nthen check skb clone status, if failed, return NULL to usbnet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47236",
"url": "https://www.suse.com/security/cve/CVE-2021-47236"
},
{
"category": "external",
"summary": "SUSE Bug 1224841 for CVE-2021-47236",
"url": "https://bugzilla.suse.com/1224841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47236"
},
{
"cve": "CVE-2021-47237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hamradio: fix memory leak in mkiss_close\n\nMy local syzbot instance hit memory leak in\nmkiss_open()[1]. The problem was in missing\nfree_netdev() in mkiss_close().\n\nIn mkiss_open() netdevice is allocated and then\nregistered, but in mkiss_close() netdevice was\nonly unregistered, but not freed.\n\nFail log:\n\nBUG: memory leak\nunreferenced object 0xffff8880281ba000 (size 4096):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 61 78 30 00 00 00 00 00 00 00 00 00 00 00 00 00 ax0.............\n 00 27 fa 2a 80 88 ff ff 00 00 00 00 00 00 00 00 .\u0027.*............\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706e7e8\u003e] alloc_netdev_mqs+0x98/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff8880141a9a00 (size 96):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n e8 a2 1b 28 80 88 ff ff e8 a2 1b 28 80 88 ff ff ...(.......(....\n 98 92 9c aa b0 40 02 00 00 00 00 00 00 00 00 00 .....@..........\n backtrace:\n [\u003cffffffff8709f68b\u003e] __hw_addr_create_ex+0x5b/0x310\n [\u003cffffffff8709fb38\u003e] __hw_addr_add_ex+0x1f8/0x2b0\n [\u003cffffffff870a0c7b\u003e] dev_addr_init+0x10b/0x1f0\n [\u003cffffffff8706e88b\u003e] alloc_netdev_mqs+0x13b/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff8880219bfc00 (size 512):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 00 a0 1b 28 80 88 ff ff 80 8f b1 8d ff ff ff ff ...(............\n 80 8f b1 8d ff ff ff ff 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706eec7\u003e] alloc_netdev_mqs+0x777/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff888029b2b200 (size 256):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706f062\u003e] alloc_netdev_mqs+0x912/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47237",
"url": "https://www.suse.com/security/cve/CVE-2021-47237"
},
{
"category": "external",
"summary": "SUSE Bug 1224830 for CVE-2021-47237",
"url": "https://bugzilla.suse.com/1224830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47237"
},
{
"cve": "CVE-2021-47238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in ip_mc_add1_src\n\nBUG: memory leak\nunreferenced object 0xffff888101bc4c00 (size 32):\n comm \"syz-executor527\", pid 360, jiffies 4294807421 (age 19.329s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 01 00 00 00 00 00 00 00 ac 14 14 bb 00 00 02 00 ................\n backtrace:\n [\u003c00000000f17c5244\u003e] kmalloc include/linux/slab.h:558 [inline]\n [\u003c00000000f17c5244\u003e] kzalloc include/linux/slab.h:688 [inline]\n [\u003c00000000f17c5244\u003e] ip_mc_add1_src net/ipv4/igmp.c:1971 [inline]\n [\u003c00000000f17c5244\u003e] ip_mc_add_src+0x95f/0xdb0 net/ipv4/igmp.c:2095\n [\u003c000000001cb99709\u003e] ip_mc_source+0x84c/0xea0 net/ipv4/igmp.c:2416\n [\u003c0000000052cf19ed\u003e] do_ip_setsockopt net/ipv4/ip_sockglue.c:1294 [inline]\n [\u003c0000000052cf19ed\u003e] ip_setsockopt+0x114b/0x30c0 net/ipv4/ip_sockglue.c:1423\n [\u003c00000000477edfbc\u003e] raw_setsockopt+0x13d/0x170 net/ipv4/raw.c:857\n [\u003c00000000e75ca9bb\u003e] __sys_setsockopt+0x158/0x270 net/socket.c:2117\n [\u003c00000000bdb993a8\u003e] __do_sys_setsockopt net/socket.c:2128 [inline]\n [\u003c00000000bdb993a8\u003e] __se_sys_setsockopt net/socket.c:2125 [inline]\n [\u003c00000000bdb993a8\u003e] __x64_sys_setsockopt+0xba/0x150 net/socket.c:2125\n [\u003c000000006a1ffdbd\u003e] do_syscall_64+0x40/0x80 arch/x86/entry/common.c:47\n [\u003c00000000b11467c4\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nIn commit 24803f38a5c0 (\"igmp: do not remove igmp souce list info when set\nlink down\"), the ip_mc_clear_src() in ip_mc_destroy_dev() was removed,\nbecause it was also called in igmpv3_clear_delrec().\n\nRough callgraph:\n\ninetdev_destroy\n-\u003e ip_mc_destroy_dev\n -\u003e igmpv3_clear_delrec\n -\u003e ip_mc_clear_src\n-\u003e RCU_INIT_POINTER(dev-\u003eip_ptr, NULL)\n\nHowever, ip_mc_clear_src() called in igmpv3_clear_delrec() doesn\u0027t\nrelease in_dev-\u003emc_list-\u003esources. And RCU_INIT_POINTER() assigns the\nNULL to dev-\u003eip_ptr. As a result, in_dev cannot be obtained through\ninetdev_by_index() and then in_dev-\u003emc_list-\u003esources cannot be released\nby ip_mc_del1_src() in the sock_close. Rough call sequence goes like:\n\nsock_close\n-\u003e __sock_release\n -\u003e inet_release\n -\u003e ip_mc_drop_socket\n -\u003e inetdev_by_index\n -\u003e ip_mc_leave_src\n -\u003e ip_mc_del_src\n -\u003e ip_mc_del1_src\n\nSo we still need to call ip_mc_clear_src() in ip_mc_destroy_dev() to free\nin_dev-\u003emc_list-\u003esources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47238",
"url": "https://www.suse.com/security/cve/CVE-2021-47238"
},
{
"category": "external",
"summary": "SUSE Bug 1224847 for CVE-2021-47238",
"url": "https://bugzilla.suse.com/1224847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47238"
},
{
"cve": "CVE-2021-47239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix possible use-after-free in smsc75xx_bind\n\nThe commit 46a8b29c6306 (\"net: usb: fix memory leak in smsc75xx_bind\")\nfails to clean up the work scheduled in smsc75xx_reset-\u003e\nsmsc75xx_set_multicast, which leads to use-after-free if the work is\nscheduled to start after the deallocation. In addition, this patch\nalso removes a dangling pointer - dev-\u003edata[0].\n\nThis patch calls cancel_work_sync to cancel the scheduled work and set\nthe dangling pointer to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47239",
"url": "https://www.suse.com/security/cve/CVE-2021-47239"
},
{
"category": "external",
"summary": "SUSE Bug 1224846 for CVE-2021-47239",
"url": "https://bugzilla.suse.com/1224846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47239"
},
{
"cve": "CVE-2021-47245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: synproxy: Fix out of bounds when parsing TCP options\n\nThe TCP option parser in synproxy (synproxy_parse_options) could read\none byte out of bounds. When the length is 1, the execution flow gets\ninto the loop, reads one byte of the opcode, and if the opcode is\nneither TCPOPT_EOL nor TCPOPT_NOP, it reads one more byte, which exceeds\nthe length of 1.\n\nThis fix is inspired by commit 9609dad263f8 (\"ipv4: tcp_input: fix stack\nout of bounds when parsing TCP options.\").\n\nv2 changes:\n\nAdded an early return when length \u003c 0 to avoid calling\nskb_header_pointer with negative length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47245",
"url": "https://www.suse.com/security/cve/CVE-2021-47245"
},
{
"category": "external",
"summary": "SUSE Bug 1224838 for CVE-2021-47245",
"url": "https://bugzilla.suse.com/1224838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47245"
},
{
"cve": "CVE-2021-47246",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47246"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix page reclaim for dead peer hairpin\n\nWhen adding a hairpin flow, a firmware-side send queue is created for\nthe peer net device, which claims some host memory pages for its\ninternal ring buffer. If the peer net device is removed/unbound before\nthe hairpin flow is deleted, then the send queue is not destroyed which\nleads to a stack trace on pci device remove:\n\n[ 748.005230] mlx5_core 0000:08:00.2: wait_func:1094:(pid 12985): MANAGE_PAGES(0x108) timeout. Will cause a leak of a command resource\n[ 748.005231] mlx5_core 0000:08:00.2: reclaim_pages:514:(pid 12985): failed reclaiming pages: err -110\n[ 748.001835] mlx5_core 0000:08:00.2: mlx5_reclaim_root_pages:653:(pid 12985): failed reclaiming pages (-110) for func id 0x0\n[ 748.002171] ------------[ cut here ]------------\n[ 748.001177] FW pages counter is 4 after reclaiming all pages\n[ 748.001186] WARNING: CPU: 1 PID: 12985 at drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c:685 mlx5_reclaim_startup_pages+0x34b/0x460 [mlx5_core] [ +0.002771] Modules linked in: cls_flower mlx5_ib mlx5_core ptp pps_core act_mirred sch_ingress openvswitch nsh xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_umad ib_ipoib iw_cm ib_cm ib_uverbs ib_core overlay fuse [last unloaded: pps_core]\n[ 748.007225] CPU: 1 PID: 12985 Comm: tee Not tainted 5.12.0+ #1\n[ 748.001376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 748.002315] RIP: 0010:mlx5_reclaim_startup_pages+0x34b/0x460 [mlx5_core]\n[ 748.001679] Code: 28 00 00 00 0f 85 22 01 00 00 48 81 c4 b0 00 00 00 31 c0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 48 c7 c7 40 cc 19 a1 e8 9f 71 0e e2 \u003c0f\u003e 0b e9 30 ff ff ff 48 c7 c7 a0 cc 19 a1 e8 8c 71 0e e2 0f 0b e9\n[ 748.003781] RSP: 0018:ffff88815220faf8 EFLAGS: 00010286\n[ 748.001149] RAX: 0000000000000000 RBX: ffff8881b4900280 RCX: 0000000000000000\n[ 748.001445] RDX: 0000000000000027 RSI: 0000000000000004 RDI: ffffed102a441f51\n[ 748.001614] RBP: 00000000000032b9 R08: 0000000000000001 R09: ffffed1054a15ee8\n[ 748.001446] R10: ffff8882a50af73b R11: ffffed1054a15ee7 R12: fffffbfff07c1e30\n[ 748.001447] R13: dffffc0000000000 R14: ffff8881b492cba8 R15: 0000000000000000\n[ 748.001429] FS: 00007f58bd08b580(0000) GS:ffff8882a5080000(0000) knlGS:0000000000000000\n[ 748.001695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 748.001309] CR2: 000055a026351740 CR3: 00000001d3b48006 CR4: 0000000000370ea0\n[ 748.001506] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 748.001483] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 748.001654] Call Trace:\n[ 748.000576] ? mlx5_satisfy_startup_pages+0x290/0x290 [mlx5_core]\n[ 748.001416] ? mlx5_cmd_teardown_hca+0xa2/0xd0 [mlx5_core]\n[ 748.001354] ? mlx5_cmd_init_hca+0x280/0x280 [mlx5_core]\n[ 748.001203] mlx5_function_teardown+0x30/0x60 [mlx5_core]\n[ 748.001275] mlx5_uninit_one+0xa7/0xc0 [mlx5_core]\n[ 748.001200] remove_one+0x5f/0xc0 [mlx5_core]\n[ 748.001075] pci_device_remove+0x9f/0x1d0\n[ 748.000833] device_release_driver_internal+0x1e0/0x490\n[ 748.001207] unbind_store+0x19f/0x200\n[ 748.000942] ? sysfs_file_ops+0x170/0x170\n[ 748.001000] kernfs_fop_write_iter+0x2bc/0x450\n[ 748.000970] new_sync_write+0x373/0x610\n[ 748.001124] ? new_sync_read+0x600/0x600\n[ 748.001057] ? lock_acquire+0x4d6/0x700\n[ 748.000908] ? lockdep_hardirqs_on_prepare+0x400/0x400\n[ 748.001126] ? fd_install+0x1c9/0x4d0\n[ 748.000951] vfs_write+0x4d0/0x800\n[ 748.000804] ksys_write+0xf9/0x1d0\n[ 748.000868] ? __x64_sys_read+0xb0/0xb0\n[ 748.000811] ? filp_open+0x50/0x50\n[ 748.000919] ? syscall_enter_from_user_mode+0x1d/0x50\n[ 748.001223] do_syscall_64+0x3f/0x80\n[ 748.000892] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 748.00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47246",
"url": "https://www.suse.com/security/cve/CVE-2021-47246"
},
{
"category": "external",
"summary": "SUSE Bug 1224831 for CVE-2021-47246",
"url": "https://bugzilla.suse.com/1224831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47246"
},
{
"cve": "CVE-2021-47248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: fix race between close() and udp_abort()\n\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\n\nWe can\u0027t easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\n\nDiagnosed-and-tested-by: Kaustubh Pandey \u003ckapandey@codeaurora.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47248",
"url": "https://www.suse.com/security/cve/CVE-2021-47248"
},
{
"category": "external",
"summary": "SUSE Bug 1224867 for CVE-2021-47248",
"url": "https://bugzilla.suse.com/1224867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47248"
},
{
"cve": "CVE-2021-47249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rds: fix memory leak in rds_recvmsg\n\nSyzbot reported memory leak in rds. The problem\nwas in unputted refcount in case of error.\n\nint rds_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,\n\t\tint msg_flags)\n{\n...\n\n\tif (!rds_next_incoming(rs, \u0026inc)) {\n\t\t...\n\t}\n\nAfter this \"if\" inc refcount incremented and\n\n\tif (rds_cmsg_recv(inc, msg, rs)) {\n\t\tret = -EFAULT;\n\t\tgoto out;\n\t}\n...\nout:\n\treturn ret;\n}\n\nin case of rds_cmsg_recv() fail the refcount won\u0027t be\ndecremented. And it\u0027s easy to see from ftrace log, that\nrds_inc_addref() don\u0027t have rds_inc_put() pair in\nrds_recvmsg() after rds_cmsg_recv()\n\n 1) | rds_recvmsg() {\n 1) 3.721 us | rds_inc_addref();\n 1) 3.853 us | rds_message_inc_copy_to_user();\n 1) + 10.395 us | rds_cmsg_recv();\n 1) + 34.260 us | }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47249",
"url": "https://www.suse.com/security/cve/CVE-2021-47249"
},
{
"category": "external",
"summary": "SUSE Bug 1224880 for CVE-2021-47249",
"url": "https://bugzilla.suse.com/1224880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47249"
},
{
"cve": "CVE-2021-47250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47250"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\n\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[\u003c00000000e67ed558\u003e] kmalloc include/linux/slab.h:590 [inline]\n[\u003c00000000e67ed558\u003e] kzalloc include/linux/slab.h:720 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[\u003c0000000006040154\u003e] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[\u003c00000000204d7a1c\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[\u003c00000000204d7a1c\u003e] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[\u003c00000000c0d6a995\u003e] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[\u003c00000000d78b9d2c\u003e] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[\u003c000000009733081b\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[\u003c000000009733081b\u003e] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[\u003c00000000d5fd43b8\u003e] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[\u003c000000000a2d1e40\u003e] sock_sendmsg_nosec net/socket.c:654 [inline]\n[\u003c000000000a2d1e40\u003e] sock_sendmsg+0x139/0x170 net/socket.c:674\n[\u003c00000000321d1969\u003e] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[\u003c00000000964e16bc\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[\u003c000000001615e288\u003e] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[\u003c000000004ee8b6a5\u003e] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[\u003c00000000171c7cee\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe memory of doi_def-\u003emap.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47250",
"url": "https://www.suse.com/security/cve/CVE-2021-47250"
},
{
"category": "external",
"summary": "SUSE Bug 1224827 for CVE-2021-47250",
"url": "https://bugzilla.suse.com/1224827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47250"
},
{
"cve": "CVE-2021-47252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Avoid WARN_ON timing related checks\n\nThe soft/batadv interface for a queued OGM can be changed during the time\nthe OGM was queued for transmission and when the OGM is actually\ntransmitted by the worker.\n\nBut WARN_ON must be used to denote kernel bugs and not to print simple\nwarnings. A warning can simply be printed using pr_warn.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47252",
"url": "https://www.suse.com/security/cve/CVE-2021-47252"
},
{
"category": "external",
"summary": "SUSE Bug 1224882 for CVE-2021-47252",
"url": "https://bugzilla.suse.com/1224882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47252"
},
{
"cve": "CVE-2021-47254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47254"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix use-after-free in gfs2_glock_shrink_scan\n\nThe GLF_LRU flag is checked under lru_lock in gfs2_glock_remove_from_lru() to\nremove the glock from the lru list in __gfs2_glock_put().\n\nOn the shrink scan path, the same flag is cleared under lru_lock but because\nof cond_resched_lock(\u0026lru_lock) in gfs2_dispose_glock_lru(), progress on the\nput side can be made without deleting the glock from the lru list.\n\nKeep GLF_LRU across the race window opened by cond_resched_lock(\u0026lru_lock) to\nensure correct behavior on both sides - clear GLF_LRU after list_del under\nlru_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47254",
"url": "https://www.suse.com/security/cve/CVE-2021-47254"
},
{
"category": "external",
"summary": "SUSE Bug 1224888 for CVE-2021-47254",
"url": "https://bugzilla.suse.com/1224888"
},
{
"category": "external",
"summary": "SUSE Bug 1227559 for CVE-2021-47254",
"url": "https://bugzilla.suse.com/1227559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47254"
},
{
"cve": "CVE-2021-47258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix error handling of scsi_host_alloc()\n\nAfter device is initialized via device_initialize(), or its name is set via\ndev_set_name(), the device has to be freed via put_device(). Otherwise\ndevice name will be leaked because it is allocated dynamically in\ndev_set_name().\n\nFix the leak by replacing kfree() with put_device(). Since\nscsi_host_dev_release() properly handles IDA and kthread removal, remove\nspecial-casing these from the error handling as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47258",
"url": "https://www.suse.com/security/cve/CVE-2021-47258"
},
{
"category": "external",
"summary": "SUSE Bug 1224899 for CVE-2021-47258",
"url": "https://bugzilla.suse.com/1224899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47258"
},
{
"cve": "CVE-2021-47260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47260"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a potential NULL dereference in nfs_get_client()\n\nNone of the callers are expecting NULL returns from nfs_get_client() so\nthis code will lead to an Oops. It\u0027s better to return an error\npointer. I expect that this is dead code so hopefully no one is\naffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47260",
"url": "https://www.suse.com/security/cve/CVE-2021-47260"
},
{
"category": "external",
"summary": "SUSE Bug 1224834 for CVE-2021-47260",
"url": "https://bugzilla.suse.com/1224834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47260"
},
{
"cve": "CVE-2021-47261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix initializing CQ fragments buffer\n\nThe function init_cq_frag_buf() can be called to initialize the current CQ\nfragments buffer cq-\u003ebuf, or the temporary cq-\u003eresize_buf that is filled\nduring CQ resize operation.\n\nHowever, the offending commit started to use function get_cqe() for\ngetting the CQEs, the issue with this change is that get_cqe() always\nreturns CQEs from cq-\u003ebuf, which leads us to initialize the wrong buffer,\nand in case of enlarging the CQ we try to access elements beyond the size\nof the current cq-\u003ebuf and eventually hit a kernel panic.\n\n [exception RIP: init_cq_frag_buf+103]\n [ffff9f799ddcbcd8] mlx5_ib_resize_cq at ffffffffc0835d60 [mlx5_ib]\n [ffff9f799ddcbdb0] ib_resize_cq at ffffffffc05270df [ib_core]\n [ffff9f799ddcbdc0] llt_rdma_setup_qp at ffffffffc0a6a712 [llt]\n [ffff9f799ddcbe10] llt_rdma_cc_event_action at ffffffffc0a6b411 [llt]\n [ffff9f799ddcbe98] llt_rdma_client_conn_thread at ffffffffc0a6bb75 [llt]\n [ffff9f799ddcbec8] kthread at ffffffffa66c5da1\n [ffff9f799ddcbf50] ret_from_fork_nospec_begin at ffffffffa6d95ddd\n\nFix it by getting the needed CQE by calling mlx5_frag_buf_get_wqe() that\ntakes the correct source buffer as a parameter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47261",
"url": "https://www.suse.com/security/cve/CVE-2021-47261"
},
{
"category": "external",
"summary": "SUSE Bug 1224954 for CVE-2021-47261",
"url": "https://bugzilla.suse.com/1224954"
},
{
"category": "external",
"summary": "SUSE Bug 1227751 for CVE-2021-47261",
"url": "https://bugzilla.suse.com/1227751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47261"
},
{
"cve": "CVE-2021-47265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47265"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: Verify port when creating flow rule\n\nValidate port value provided by the user and with that remove no longer\nneeded validation by the driver. The missing check in the mlx5_ib driver\ncould cause to the below oops.\n\nCall trace:\n _create_flow_rule+0x2d4/0xf28 [mlx5_ib]\n mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib]\n ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x150 [ib_uverbs]\n ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs]\n ib_uverbs_ioctl+0x158/0x1d0 [ib_uverbs]\n do_vfs_ioctl+0xd0/0xaf0\n ksys_ioctl+0x84/0xb4\n __arm64_sys_ioctl+0x28/0xc4\n el0_svc_common.constprop.3+0xa4/0x254\n el0_svc_handler+0x84/0xa0\n el0_svc+0x10/0x26c\n Code: b9401260 f9615681 51000400 8b001c20 (f9403c1a)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47265",
"url": "https://www.suse.com/security/cve/CVE-2021-47265"
},
{
"category": "external",
"summary": "SUSE Bug 1224957 for CVE-2021-47265",
"url": "https://bugzilla.suse.com/1224957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47265"
},
{
"cve": "CVE-2021-47269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47269"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: ep0: fix NULL pointer exception\n\nThere is no validation of the index from dwc3_wIndex_to_dep() and we might\nbe referring a non-existing ep and trigger a NULL pointer exception. In\ncertain configurations we might use fewer eps and the index might wrongly\nindicate a larger ep index than existing.\n\nBy adding this validation from the patch we can actually report a wrong\nindex back to the caller.\n\nIn our usecase we are using a composite device on an older kernel, but\nupstream might use this fix also. Unfortunately, I cannot describe the\nhardware for others to reproduce the issue as it is a proprietary\nimplementation.\n\n[ 82.958261] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a4\n[ 82.966891] Mem abort info:\n[ 82.969663] ESR = 0x96000006\n[ 82.972703] Exception class = DABT (current EL), IL = 32 bits\n[ 82.978603] SET = 0, FnV = 0\n[ 82.981642] EA = 0, S1PTW = 0\n[ 82.984765] Data abort info:\n[ 82.987631] ISV = 0, ISS = 0x00000006\n[ 82.991449] CM = 0, WnR = 0\n[ 82.994409] user pgtable: 4k pages, 39-bit VAs, pgdp = 00000000c6210ccc\n[ 83.000999] [00000000000000a4] pgd=0000000053aa5003, pud=0000000053aa5003, pmd=0000000000000000\n[ 83.009685] Internal error: Oops: 96000006 [#1] PREEMPT SMP\n[ 83.026433] Process irq/62-dwc3 (pid: 303, stack limit = 0x000000003985154c)\n[ 83.033470] CPU: 0 PID: 303 Comm: irq/62-dwc3 Not tainted 4.19.124 #1\n[ 83.044836] pstate: 60000085 (nZCv daIf -PAN -UAO)\n[ 83.049628] pc : dwc3_ep0_handle_feature+0x414/0x43c\n[ 83.054558] lr : dwc3_ep0_interrupt+0x3b4/0xc94\n\n...\n\n[ 83.141788] Call trace:\n[ 83.144227] dwc3_ep0_handle_feature+0x414/0x43c\n[ 83.148823] dwc3_ep0_interrupt+0x3b4/0xc94\n[ 83.181546] ---[ end trace aac6b5267d84c32f ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47269",
"url": "https://www.suse.com/security/cve/CVE-2021-47269"
},
{
"category": "external",
"summary": "SUSE Bug 1224996 for CVE-2021-47269",
"url": "https://bugzilla.suse.com/1224996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47269"
},
{
"cve": "CVE-2021-47274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47274"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Correct the length check which causes memory corruption\n\nWe\u0027ve suffered from severe kernel crashes due to memory corruption on\nour production environment, like,\n\nCall Trace:\n[1640542.554277] general protection fault: 0000 [#1] SMP PTI\n[1640542.554856] CPU: 17 PID: 26996 Comm: python Kdump: loaded Tainted:G\n[1640542.556629] RIP: 0010:kmem_cache_alloc+0x90/0x190\n[1640542.559074] RSP: 0018:ffffb16faa597df8 EFLAGS: 00010286\n[1640542.559587] RAX: 0000000000000000 RBX: 0000000000400200 RCX:\n0000000006e931bf\n[1640542.560323] RDX: 0000000006e931be RSI: 0000000000400200 RDI:\nffff9a45ff004300\n[1640542.560996] RBP: 0000000000400200 R08: 0000000000023420 R09:\n0000000000000000\n[1640542.561670] R10: 0000000000000000 R11: 0000000000000000 R12:\nffffffff9a20608d\n[1640542.562366] R13: ffff9a45ff004300 R14: ffff9a45ff004300 R15:\n696c662f65636976\n[1640542.563128] FS: 00007f45d7c6f740(0000) GS:ffff9a45ff840000(0000)\nknlGS:0000000000000000\n[1640542.563937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1640542.564557] CR2: 00007f45d71311a0 CR3: 000000189d63e004 CR4:\n00000000003606e0\n[1640542.565279] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[1640542.566069] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[1640542.566742] Call Trace:\n[1640542.567009] anon_vma_clone+0x5d/0x170\n[1640542.567417] __split_vma+0x91/0x1a0\n[1640542.567777] do_munmap+0x2c6/0x320\n[1640542.568128] vm_munmap+0x54/0x70\n[1640542.569990] __x64_sys_munmap+0x22/0x30\n[1640542.572005] do_syscall_64+0x5b/0x1b0\n[1640542.573724] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[1640542.575642] RIP: 0033:0x7f45d6e61e27\n\nJames Wang has reproduced it stably on the latest 4.19 LTS.\nAfter some debugging, we finally proved that it\u0027s due to ftrace\nbuffer out-of-bound access using a debug tool as follows:\n[ 86.775200] BUG: Out-of-bounds write at addr 0xffff88aefe8b7000\n[ 86.780806] no_context+0xdf/0x3c0\n[ 86.784327] __do_page_fault+0x252/0x470\n[ 86.788367] do_page_fault+0x32/0x140\n[ 86.792145] page_fault+0x1e/0x30\n[ 86.795576] strncpy_from_unsafe+0x66/0xb0\n[ 86.799789] fetch_memory_string+0x25/0x40\n[ 86.804002] fetch_deref_string+0x51/0x60\n[ 86.808134] kprobe_trace_func+0x32d/0x3a0\n[ 86.812347] kprobe_dispatcher+0x45/0x50\n[ 86.816385] kprobe_ftrace_handler+0x90/0xf0\n[ 86.820779] ftrace_ops_assist_func+0xa1/0x140\n[ 86.825340] 0xffffffffc00750bf\n[ 86.828603] do_sys_open+0x5/0x1f0\n[ 86.832124] do_syscall_64+0x5b/0x1b0\n[ 86.835900] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\ncommit b220c049d519 (\"tracing: Check length before giving out\nthe filter buffer\") adds length check to protect trace data\noverflow introduced in 0fc1b09ff1ff, seems that this fix can\u0027t prevent\noverflow entirely, the length check should also take the sizeof\nentry-\u003earray[0] into account, since this array[0] is filled the\nlength of trace data and occupy addtional space and risk overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47274",
"url": "https://www.suse.com/security/cve/CVE-2021-47274"
},
{
"category": "external",
"summary": "SUSE Bug 1224990 for CVE-2021-47274",
"url": "https://bugzilla.suse.com/1224990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47274"
},
{
"cve": "CVE-2021-47276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47276"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Do not blindly read the ip address in ftrace_bug()\n\nIt was reported that a bug on arm64 caused a bad ip address to be used for\nupdating into a nop in ftrace_init(), but the error path (rightfully)\nreturned -EINVAL and not -EFAULT, as the bug caused more than one error to\noccur. But because -EINVAL was returned, the ftrace_bug() tried to report\nwhat was at the location of the ip address, and read it directly. This\ncaused the machine to panic, as the ip was not pointing to a valid memory\naddress.\n\nInstead, read the ip address with copy_from_kernel_nofault() to safely\naccess the memory, and if it faults, report that the address faulted,\notherwise report what was in that location.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47276",
"url": "https://www.suse.com/security/cve/CVE-2021-47276"
},
{
"category": "external",
"summary": "SUSE Bug 1224966 for CVE-2021-47276",
"url": "https://bugzilla.suse.com/1224966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47276"
},
{
"cve": "CVE-2021-47277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47277"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkvm: avoid speculation-based attacks from out-of-range memslot accesses\n\nKVM\u0027s mechanism for accessing guest memory translates a guest physical\naddress (gpa) to a host virtual address using the right-shifted gpa\n(also known as gfn) and a struct kvm_memory_slot. The translation is\nperformed in __gfn_to_hva_memslot using the following formula:\n\n hva = slot-\u003euserspace_addr + (gfn - slot-\u003ebase_gfn) * PAGE_SIZE\n\nIt is expected that gfn falls within the boundaries of the guest\u0027s\nphysical memory. However, a guest can access invalid physical addresses\nin such a way that the gfn is invalid.\n\n__gfn_to_hva_memslot is called from kvm_vcpu_gfn_to_hva_prot, which first\nretrieves a memslot through __gfn_to_memslot. While __gfn_to_memslot\ndoes check that the gfn falls within the boundaries of the guest\u0027s\nphysical memory or not, a CPU can speculate the result of the check and\ncontinue execution speculatively using an illegal gfn. The speculation\ncan result in calculating an out-of-bounds hva. If the resulting host\nvirtual address is used to load another guest physical address, this\nis effectively a Spectre gadget consisting of two consecutive reads,\nthe second of which is data dependent on the first.\n\nRight now it\u0027s not clear if there are any cases in which this is\nexploitable. One interesting case was reported by the original author\nof this patch, and involves visiting guest page tables on x86. Right\nnow these are not vulnerable because the hva read goes through get_user(),\nwhich contains an LFENCE speculation barrier. However, there are\npatches in progress for x86 uaccess.h to mask kernel addresses instead of\nusing LFENCE; once these land, a guest could use speculation to read\nfrom the VMM\u0027s ring 3 address space. Other architectures such as ARM\nalready use the address masking method, and would be susceptible to\nthis same kind of data-dependent access gadgets. Therefore, this patch\nproactively protects from these attacks by masking out-of-bounds gfns\nin __gfn_to_hva_memslot, which blocks speculation of invalid hvas.\n\nSean Christopherson noted that this patch does not cover\nkvm_read_guest_offset_cached. This however is limited to a few bytes\npast the end of the cache, and therefore it is unlikely to be useful in\nthe context of building a chain of data dependent accesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47277",
"url": "https://www.suse.com/security/cve/CVE-2021-47277"
},
{
"category": "external",
"summary": "SUSE Bug 1224960 for CVE-2021-47277",
"url": "https://bugzilla.suse.com/1224960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47277"
},
{
"cve": "CVE-2021-47280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47280"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Fix use-after-free read in drm_getunique()\n\nThere is a time-of-check-to-time-of-use error in drm_getunique() due\nto retrieving file_priv-\u003emaster prior to locking the device\u0027s master\nmutex.\n\nAn example can be seen in the crash report of the use-after-free error\nfound by Syzbot:\nhttps://syzkaller.appspot.com/bug?id=148d2f1dfac64af52ffd27b661981a540724f803\n\nIn the report, the master pointer was used after being freed. This is\nbecause another process had acquired the device\u0027s master mutex in\ndrm_setmaster_ioctl(), then overwrote fpriv-\u003emaster in\ndrm_new_set_master(). The old value of fpriv-\u003emaster was subsequently\nfreed before the mutex was unlocked.\n\nTo fix this, we lock the device\u0027s master mutex before retrieving the\npointer from from fpriv-\u003emaster. This patch passes the Syzbot\nreproducer test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47280",
"url": "https://www.suse.com/security/cve/CVE-2021-47280"
},
{
"category": "external",
"summary": "SUSE Bug 1224982 for CVE-2021-47280",
"url": "https://bugzilla.suse.com/1224982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47280"
},
{
"cve": "CVE-2021-47281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47281"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: seq: Fix race of snd_seq_timer_open()\n\nThe timer instance per queue is exclusive, and snd_seq_timer_open()\nshould have managed the concurrent accesses. It looks as if it\u0027s\nchecking the already existing timer instance at the beginning, but\nit\u0027s not right, because there is no protection, hence any later\nconcurrent call of snd_seq_timer_open() may override the timer\ninstance easily. This may result in UAF, as the leftover timer\ninstance can keep running while the queue itself gets closed, as\nspotted by syzkaller recently.\n\nFor avoiding the race, add a proper check at the assignment of\ntmr-\u003etimeri again, and return -EBUSY if it\u0027s been already registered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47281",
"url": "https://www.suse.com/security/cve/CVE-2021-47281"
},
{
"category": "external",
"summary": "SUSE Bug 1224983 for CVE-2021-47281",
"url": "https://bugzilla.suse.com/1224983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47281"
},
{
"cve": "CVE-2021-47284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: netjet: Fix crash in nj_probe:\n\n\u0027nj_setup\u0027 in netjet.c might fail with -EIO and in this case\n\u0027card-\u003eirq\u0027 is initialized and is bigger than zero. A subsequent call to\n\u0027nj_release\u0027 will free the irq that has not been requested.\n\nFix this bug by deleting the previous assignment to \u0027card-\u003eirq\u0027 and just\nkeep the assignment before \u0027request_irq\u0027.\n\nThe KASAN\u0027s log reveals it:\n\n[ 3.354615 ] WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826\nfree_irq+0x100/0x480\n[ 3.355112 ] Modules linked in:\n[ 3.355310 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.355816 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.356552 ] RIP: 0010:free_irq+0x100/0x480\n[ 3.356820 ] Code: 6e 08 74 6f 4d 89 f4 e8 5e ac 09 00 4d 8b 74 24 18\n4d 85 f6 75 e3 e8 4f ac 09 00 8b 75 c8 48 c7 c7 78 c1 2e 85 e8 e0 cf f5\nff \u003c0f\u003e 0b 48 8b 75 c0 4c 89 ff e8 72 33 0b 03 48 8b 43 40 4c 8b a0 80\n[ 3.358012 ] RSP: 0000:ffffc90000017b48 EFLAGS: 00010082\n[ 3.358357 ] RAX: 0000000000000000 RBX: ffff888104dc8000 RCX:\n0000000000000000\n[ 3.358814 ] RDX: ffff8881003c8000 RSI: ffffffff8124a9e6 RDI:\n00000000ffffffff\n[ 3.359272 ] RBP: ffffc90000017b88 R08: 0000000000000000 R09:\n0000000000000000\n[ 3.359732 ] R10: ffffc900000179f0 R11: 0000000000001d04 R12:\n0000000000000000\n[ 3.360195 ] R13: ffff888107dc6000 R14: ffff888107dc6928 R15:\nffff888104dc80a8\n[ 3.360652 ] FS: 0000000000000000(0000) GS:ffff88817bc00000(0000)\nknlGS:0000000000000000\n[ 3.361170 ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.361538 ] CR2: 0000000000000000 CR3: 000000000582e000 CR4:\n00000000000006f0\n[ 3.362003 ] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 3.362175 ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] nj_release+0x51/0x1e0\n[ 3.362175 ] nj_probe+0x450/0x950\n[ 3.362175 ] ? pci_device_remove+0x110/0x110\n[ 3.362175 ] local_pci_probe+0x45/0xa0\n[ 3.362175 ] pci_device_probe+0x12b/0x1d0\n[ 3.362175 ] really_probe+0x2a9/0x610\n[ 3.362175 ] driver_probe_device+0x90/0x1d0\n[ 3.362175 ] ? mutex_lock_nested+0x1b/0x20\n[ 3.362175 ] device_driver_attach+0x68/0x70\n[ 3.362175 ] __driver_attach+0x124/0x1b0\n[ 3.362175 ] ? device_driver_attach+0x70/0x70\n[ 3.362175 ] bus_for_each_dev+0xbb/0x110\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] driver_attach+0x27/0x30\n[ 3.362175 ] bus_add_driver+0x1eb/0x2a0\n[ 3.362175 ] driver_register+0xa9/0x180\n[ 3.362175 ] __pci_register_driver+0x82/0x90\n[ 3.362175 ] ? w6692_init+0x38/0x38\n[ 3.362175 ] nj_init+0x36/0x38\n[ 3.362175 ] do_one_initcall+0x7f/0x3d0\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] ? rcu_read_lock_sched_held+0x4f/0x80\n[ 3.362175 ] kernel_init_freeable+0x2aa/0x301\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] kernel_init+0x18/0x190\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ret_from_fork+0x1f/0x30\n[ 3.362175 ] Kernel panic - not syncing: panic_on_warn set ...\n[ 3.362175 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.362175 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] dump_stack+0xba/0xf5\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] panic+0x15a/0x3f2\n[ 3.362175 ] ? __warn+0xf2/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] __warn+0x108/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] report_bug+0x119/0x1c0\n[ 3.362175 ] handle_bug+0x3b/0x80\n[ 3.362175 ] exc_invalid_op+0x18/0x70\n[ 3.362175 ] asm_exc_invalid_op+0x12/0x20\n[ 3.362175 ] RIP: 0010:free_irq+0x100\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47284",
"url": "https://www.suse.com/security/cve/CVE-2021-47284"
},
{
"category": "external",
"summary": "SUSE Bug 1224987 for CVE-2021-47284",
"url": "https://bugzilla.suse.com/1224987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47284"
},
{
"cve": "CVE-2021-47285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47285"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47285",
"url": "https://www.suse.com/security/cve/CVE-2021-47285"
},
{
"category": "external",
"summary": "SUSE Bug 1224981 for CVE-2021-47285",
"url": "https://bugzilla.suse.com/1224981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47285"
},
{
"cve": "CVE-2021-47288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47288"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()\n\nFix an 11-year old bug in ngene_command_config_free_buf() while\naddressing the following warnings caught with -Warray-bounds:\n\narch/alpha/include/asm/string.h:22:16: warning: \u0027__builtin_memcpy\u0027 offset [12, 16] from the object at \u0027com\u0027 is out of the bounds of referenced subobject \u0027config\u0027 with type \u0027unsigned char\u0027 at offset 10 [-Warray-bounds]\narch/x86/include/asm/string_32.h:182:25: warning: \u0027__builtin_memcpy\u0027 offset [12, 16] from the object at \u0027com\u0027 is out of the bounds of referenced subobject \u0027config\u0027 with type \u0027unsigned char\u0027 at offset 10 [-Warray-bounds]\n\nThe problem is that the original code is trying to copy 6 bytes of\ndata into a one-byte size member _config_ of the wrong structue\nFW_CONFIGURE_BUFFERS, in a single call to memcpy(). This causes a\nlegitimate compiler warning because memcpy() overruns the length\nof \u0026com.cmd.ConfigureBuffers.config. It seems that the right\nstructure is FW_CONFIGURE_FREE_BUFFERS, instead, because it contains\n6 more members apart from the header _hdr_. Also, the name of\nthe function ngene_command_config_free_buf() suggests that the actual\nintention is to ConfigureFreeBuffers, instead of ConfigureBuffers\n(which takes place in the function ngene_command_config_buf(), above).\n\nFix this by enclosing those 6 members of struct FW_CONFIGURE_FREE_BUFFERS\ninto new struct config, and use \u0026com.cmd.ConfigureFreeBuffers.config as\nthe destination address, instead of \u0026com.cmd.ConfigureBuffers.config,\nwhen calling memcpy().\n\nThis also helps with the ongoing efforts to globally enable\n-Warray-bounds and get us closer to being able to tighten the\nFORTIFY_SOURCE routines on memcpy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47288",
"url": "https://www.suse.com/security/cve/CVE-2021-47288"
},
{
"category": "external",
"summary": "SUSE Bug 1224889 for CVE-2021-47288",
"url": "https://bugzilla.suse.com/1224889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47288"
},
{
"cve": "CVE-2021-47301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix use-after-free error during reset\n\nCleans the next descriptor to watch (next_to_watch) when cleaning the\nTX ring.\n\nFailure to do so can cause invalid memory accesses. If igb_poll() runs\nwhile the controller is reset this can lead to the driver try to free\na skb that was already freed.\n\n(The crash is harder to reproduce with the igb driver, but the same\npotential problem exists as the code is identical to igc)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47301",
"url": "https://www.suse.com/security/cve/CVE-2021-47301"
},
{
"category": "external",
"summary": "SUSE Bug 1224916 for CVE-2021-47301",
"url": "https://bugzilla.suse.com/1224916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47301"
},
{
"cve": "CVE-2021-47302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: Fix use-after-free error during reset\n\nCleans the next descriptor to watch (next_to_watch) when cleaning the\nTX ring.\n\nFailure to do so can cause invalid memory accesses. If igc_poll() runs\nwhile the controller is being reset this can lead to the driver try to\nfree a skb that was already freed.\n\nLog message:\n\n [ 101.525242] refcount_t: underflow; use-after-free.\n [ 101.525251] WARNING: CPU: 1 PID: 646 at lib/refcount.c:28 refcount_warn_saturate+0xab/0xf0\n [ 101.525259] Modules linked in: sch_etf(E) sch_mqprio(E) rfkill(E) intel_rapl_msr(E) intel_rapl_common(E)\n x86_pkg_temp_thermal(E) intel_powerclamp(E) coretemp(E) binfmt_misc(E) kvm_intel(E) kvm(E) irqbypass(E) crc32_pclmul(E)\n ghash_clmulni_intel(E) aesni_intel(E) mei_wdt(E) libaes(E) crypto_simd(E) cryptd(E) glue_helper(E) snd_hda_codec_hdmi(E)\n rapl(E) intel_cstate(E) snd_hda_intel(E) snd_intel_dspcfg(E) sg(E) soundwire_intel(E) intel_uncore(E) at24(E)\n soundwire_generic_allocation(E) iTCO_wdt(E) soundwire_cadence(E) intel_pmc_bxt(E) serio_raw(E) snd_hda_codec(E)\n iTCO_vendor_support(E) watchdog(E) snd_hda_core(E) snd_hwdep(E) snd_soc_core(E) snd_compress(E) snd_pcsp(E)\n soundwire_bus(E) snd_pcm(E) evdev(E) snd_timer(E) mei_me(E) snd(E) soundcore(E) mei(E) configfs(E) ip_tables(E) x_tables(E)\n autofs4(E) ext4(E) crc32c_generic(E) crc16(E) mbcache(E) jbd2(E) sd_mod(E) t10_pi(E) crc_t10dif(E) crct10dif_generic(E)\n i915(E) ahci(E) libahci(E) ehci_pci(E) igb(E) xhci_pci(E) ehci_hcd(E)\n [ 101.525303] drm_kms_helper(E) dca(E) xhci_hcd(E) libata(E) crct10dif_pclmul(E) cec(E) crct10dif_common(E) tsn(E) igc(E)\n e1000e(E) ptp(E) i2c_i801(E) crc32c_intel(E) psmouse(E) i2c_algo_bit(E) i2c_smbus(E) scsi_mod(E) lpc_ich(E) pps_core(E)\n usbcore(E) drm(E) button(E) video(E)\n [ 101.525318] CPU: 1 PID: 646 Comm: irq/37-enp7s0-T Tainted: G E 5.10.30-rt37-tsn1-rt-ipipe #ipipe\n [ 101.525320] Hardware name: SIEMENS AG SIMATIC IPC427D/A5E31233588, BIOS V17.02.09 03/31/2017\n [ 101.525322] RIP: 0010:refcount_warn_saturate+0xab/0xf0\n [ 101.525325] Code: 05 31 48 44 01 01 e8 f0 c6 42 00 0f 0b c3 80 3d 1f 48 44 01 00 75 90 48 c7 c7 78 a8 f3 a6 c6 05 0f 48\n 44 01 01 e8 d1 c6 42 00 \u003c0f\u003e 0b c3 80 3d fe 47 44 01 00 0f 85 6d ff ff ff 48 c7 c7 d0 a8 f3\n [ 101.525327] RSP: 0018:ffffbdedc0917cb8 EFLAGS: 00010286\n [ 101.525329] RAX: 0000000000000000 RBX: ffff98fd6becbf40 RCX: 0000000000000001\n [ 101.525330] RDX: 0000000000000001 RSI: ffffffffa6f2700c RDI: 00000000ffffffff\n [ 101.525332] RBP: ffff98fd6becc14c R08: ffffffffa7463d00 R09: ffffbdedc0917c50\n [ 101.525333] R10: ffffffffa74c3578 R11: 0000000000000034 R12: 00000000ffffff00\n [ 101.525335] R13: ffff98fd6b0b1000 R14: 0000000000000039 R15: ffff98fd6be35c40\n [ 101.525337] FS: 0000000000000000(0000) GS:ffff98fd6e240000(0000) knlGS:0000000000000000\n [ 101.525339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 101.525341] CR2: 00007f34135a3a70 CR3: 0000000150210003 CR4: 00000000001706e0\n [ 101.525343] Call Trace:\n [ 101.525346] sock_wfree+0x9c/0xa0\n [ 101.525353] unix_destruct_scm+0x7b/0xa0\n [ 101.525358] skb_release_head_state+0x40/0x90\n [ 101.525362] skb_release_all+0xe/0x30\n [ 101.525364] napi_consume_skb+0x57/0x160\n [ 101.525367] igc_poll+0xb7/0xc80 [igc]\n [ 101.525376] ? sched_clock+0x5/0x10\n [ 101.525381] ? sched_clock_cpu+0xe/0x100\n [ 101.525385] net_rx_action+0x14c/0x410\n [ 101.525388] __do_softirq+0xe9/0x2f4\n [ 101.525391] __local_bh_enable_ip+0xe3/0x110\n [ 101.525395] ? irq_finalize_oneshot.part.47+0xe0/0xe0\n [ 101.525398] irq_forced_thread_fn+0x6a/0x80\n [ 101.525401] irq_thread+0xe8/0x180\n [ 101.525403] ? wake_threads_waitq+0x30/0x30\n [ 101.525406] ? irq_thread_check_affinity+0xd0/0xd0\n [ 101.525408] kthread+0x183/0x1a0\n [ 101.525412] ? kthread_park+0x80/0x80\n [ 101.525415] ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47302",
"url": "https://www.suse.com/security/cve/CVE-2021-47302"
},
{
"category": "external",
"summary": "SUSE Bug 1224917 for CVE-2021-47302",
"url": "https://bugzilla.suse.com/1224917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47302"
},
{
"cve": "CVE-2021-47305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47305"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sync_file: Don\u0027t leak fences on merge failure\n\nEach add_fence() call does a dma_fence_get() on the relevant fence. In\nthe error path, we weren\u0027t calling dma_fence_put() so all those fences\ngot leaked. Also, in the krealloc_array failure case, we weren\u0027t\nfreeing the fences array. Instead, ensure that i and fences are always\nzero-initialized and dma_fence_put() all the fences and kfree(fences) on\nevery error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47305",
"url": "https://www.suse.com/security/cve/CVE-2021-47305"
},
{
"category": "external",
"summary": "SUSE Bug 1224968 for CVE-2021-47305",
"url": "https://bugzilla.suse.com/1224968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47305"
},
{
"cve": "CVE-2021-47307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL deref in cifs_compose_mount_options()\n\nThe optional @ref parameter might contain an NULL node_name, so\nprevent dereferencing it in cifs_compose_mount_options().\n\nAddresses-Coverity: 1476408 (\"Explicit null dereferenced\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47307",
"url": "https://www.suse.com/security/cve/CVE-2021-47307"
},
{
"category": "external",
"summary": "SUSE Bug 1224961 for CVE-2021-47307",
"url": "https://bugzilla.suse.com/1224961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47307"
},
{
"cve": "CVE-2021-47308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47308"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix array index out of bound exception\n\nFix array index out of bound exception in fc_rport_prli_resp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47308",
"url": "https://www.suse.com/security/cve/CVE-2021-47308"
},
{
"category": "external",
"summary": "SUSE Bug 1224963 for CVE-2021-47308",
"url": "https://bugzilla.suse.com/1224963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47308"
},
{
"cve": "CVE-2021-47310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47310"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ti: fix UAF in tlan_remove_one\n\npriv is netdev private data and it cannot be\nused after free_netdev() call. Using priv after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47310",
"url": "https://www.suse.com/security/cve/CVE-2021-47310"
},
{
"category": "external",
"summary": "SUSE Bug 1224959 for CVE-2021-47310",
"url": "https://bugzilla.suse.com/1224959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47310"
},
{
"cve": "CVE-2021-47311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47311"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qcom/emac: fix UAF in emac_remove\n\nadpt is netdev private data and it cannot be\nused after free_netdev() call. Using adpt after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47311",
"url": "https://www.suse.com/security/cve/CVE-2021-47311"
},
{
"category": "external",
"summary": "SUSE Bug 1225010 for CVE-2021-47311",
"url": "https://bugzilla.suse.com/1225010"
},
{
"category": "external",
"summary": "SUSE Bug 1227752 for CVE-2021-47311",
"url": "https://bugzilla.suse.com/1227752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47311"
},
{
"cve": "CVE-2021-47314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47314"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: fsl_ifc: fix leak of private memory on probe failure\n\nOn probe error the driver should free the memory allocated for private\nstructure. Fix this by using resource-managed allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47314",
"url": "https://www.suse.com/security/cve/CVE-2021-47314"
},
{
"category": "external",
"summary": "SUSE Bug 1224893 for CVE-2021-47314",
"url": "https://bugzilla.suse.com/1224893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47314"
},
{
"cve": "CVE-2021-47315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47315"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: fsl_ifc: fix leak of IO mapping on probe failure\n\nOn probe error the driver should unmap the IO memory. Smatch reports:\n\n drivers/memory/fsl_ifc.c:298 fsl_ifc_ctrl_probe() warn: \u0027fsl_ifc_ctrl_dev-\u003egregs\u0027 not released on lines: 298.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47315",
"url": "https://www.suse.com/security/cve/CVE-2021-47315"
},
{
"category": "external",
"summary": "SUSE Bug 1224892 for CVE-2021-47315",
"url": "https://bugzilla.suse.com/1224892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47315"
},
{
"cve": "CVE-2021-47319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47319"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: Fix memory leak among suspend/resume procedure\n\nThe vblk-\u003evqs should be freed before we call init_vqs()\nin virtblk_restore().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47319",
"url": "https://www.suse.com/security/cve/CVE-2021-47319"
},
{
"category": "external",
"summary": "SUSE Bug 1225054 for CVE-2021-47319",
"url": "https://bugzilla.suse.com/1225054"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47319"
},
{
"cve": "CVE-2021-47320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix acl memory leak of posix_acl_create()\n\nWhen looking into another nfs xfstests report, I found acl and\ndefault_acl in nfs3_proc_create() and nfs3_proc_mknod() error\npaths are possibly leaked. Fix them in advance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47320",
"url": "https://www.suse.com/security/cve/CVE-2021-47320"
},
{
"category": "external",
"summary": "SUSE Bug 1225058 for CVE-2021-47320",
"url": "https://bugzilla.suse.com/1225058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47320"
},
{
"cve": "CVE-2021-47321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47321"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: Fix possible use-after-free by calling del_timer_sync()\n\nThis driver\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47321",
"url": "https://www.suse.com/security/cve/CVE-2021-47321"
},
{
"category": "external",
"summary": "SUSE Bug 1225060 for CVE-2021-47321",
"url": "https://bugzilla.suse.com/1225060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47321"
},
{
"cve": "CVE-2021-47323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47323"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47323",
"url": "https://www.suse.com/security/cve/CVE-2021-47323"
},
{
"category": "external",
"summary": "SUSE Bug 1225026 for CVE-2021-47323",
"url": "https://bugzilla.suse.com/1225026"
},
{
"category": "external",
"summary": "SUSE Bug 1227557 for CVE-2021-47323",
"url": "https://bugzilla.suse.com/1227557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47323"
},
{
"cve": "CVE-2021-47324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: Fix possible use-after-free in wdt_startup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47324",
"url": "https://www.suse.com/security/cve/CVE-2021-47324"
},
{
"category": "external",
"summary": "SUSE Bug 1225030 for CVE-2021-47324",
"url": "https://bugzilla.suse.com/1225030"
},
{
"category": "external",
"summary": "SUSE Bug 1225038 for CVE-2021-47324",
"url": "https://bugzilla.suse.com/1225038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47324"
},
{
"cve": "CVE-2021-47330",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47330"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: 8250: serial_cs: Fix a memory leak in error handling path\n\nIn the probe function, if the final \u0027serial_config()\u0027 fails, \u0027info\u0027 is\nleaking.\n\nAdd a resource handling path to free this memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47330",
"url": "https://www.suse.com/security/cve/CVE-2021-47330"
},
{
"category": "external",
"summary": "SUSE Bug 1225084 for CVE-2021-47330",
"url": "https://bugzilla.suse.com/1225084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47330"
},
{
"cve": "CVE-2021-47334",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47334"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/libmasm/module: Fix two use after free in ibmasm_init_one\n\nIn ibmasm_init_one, it calls ibmasm_init_remote_input_dev().\nInside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are\nallocated by input_allocate_device(), and assigned to\nsp-\u003eremote.mouse_dev and sp-\u003eremote.keybd_dev respectively.\n\nIn the err_free_devices error branch of ibmasm_init_one,\nmouse_dev and keybd_dev are freed by input_free_device(), and return\nerror. Then the execution runs into error_send_message error branch\nof ibmasm_init_one, where ibmasm_free_remote_input_dev(sp) is called\nto unregister the freed sp-\u003eremote.mouse_dev and sp-\u003eremote.keybd_dev.\n\nMy patch add a \"error_init_remote\" label to handle the error of\nibmasm_init_remote_input_dev(), to avoid the uaf bugs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47334",
"url": "https://www.suse.com/security/cve/CVE-2021-47334"
},
{
"category": "external",
"summary": "SUSE Bug 1225112 for CVE-2021-47334",
"url": "https://bugzilla.suse.com/1225112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47334"
},
{
"cve": "CVE-2021-47337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47337"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix bad pointer dereference when ehandler kthread is invalid\n\nCommit 66a834d09293 (\"scsi: core: Fix error handling of scsi_host_alloc()\")\nchanged the allocation logic to call put_device() to perform host cleanup\nwith the assumption that IDA removal and stopping the kthread would\nproperly be performed in scsi_host_dev_release(). However, in the unlikely\ncase that the error handler thread fails to spawn, shost-\u003eehandler is set\nto ERR_PTR(-ENOMEM).\n\nThe error handler cleanup code in scsi_host_dev_release() will call\nkthread_stop() if shost-\u003eehandler != NULL which will always be the case\nwhether the kthread was successfully spawned or not. In the case that it\nfailed to spawn this has the nasty side effect of trying to dereference an\ninvalid pointer when kthread_stop() is called. The following splat provides\nan example of this behavior in the wild:\n\nscsi host11: error handler thread failed to spawn, error = -4\nKernel attempted to read user page (10c) - exploit attempt? (uid: 0)\nBUG: Kernel NULL pointer dereference on read at 0x0000010c\nFaulting instruction address: 0xc00000000818e9a8\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: ibmvscsi(+) scsi_transport_srp dm_multipath dm_mirror dm_region\n hash dm_log dm_mod fuse overlay squashfs loop\nCPU: 12 PID: 274 Comm: systemd-udevd Not tainted 5.13.0-rc7 #1\nNIP: c00000000818e9a8 LR: c0000000089846e8 CTR: 0000000000007ee8\nREGS: c000000037d12ea0 TRAP: 0300 Not tainted (5.13.0-rc7)\nMSR: 800000000280b033 \u0026lt;SF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u0026gt; CR: 28228228\nXER: 20040001\nCFAR: c0000000089846e4 DAR: 000000000000010c DSISR: 40000000 IRQMASK: 0\nGPR00: c0000000089846e8 c000000037d13140 c000000009cc1100 fffffffffffffffc\nGPR04: 0000000000000001 0000000000000000 0000000000000000 c000000037dc0000\nGPR08: 0000000000000000 c000000037dc0000 0000000000000001 00000000fffff7ff\nGPR12: 0000000000008000 c00000000a049000 c000000037d13d00 000000011134d5a0\nGPR16: 0000000000001740 c0080000190d0000 c0080000190d1740 c000000009129288\nGPR20: c000000037d13bc0 0000000000000001 c000000037d13bc0 c0080000190b7898\nGPR24: c0080000190b7708 0000000000000000 c000000033bb2c48 0000000000000000\nGPR28: c000000046b28280 0000000000000000 000000000000010c fffffffffffffffc\nNIP [c00000000818e9a8] kthread_stop+0x38/0x230\nLR [c0000000089846e8] scsi_host_dev_release+0x98/0x160\nCall Trace:\n[c000000033bb2c48] 0xc000000033bb2c48 (unreliable)\n[c0000000089846e8] scsi_host_dev_release+0x98/0x160\n[c00000000891e960] device_release+0x60/0x100\n[c0000000087e55c4] kobject_release+0x84/0x210\n[c00000000891ec78] put_device+0x28/0x40\n[c000000008984ea4] scsi_host_alloc+0x314/0x430\n[c0080000190b38bc] ibmvscsi_probe+0x54/0xad0 [ibmvscsi]\n[c000000008110104] vio_bus_probe+0xa4/0x4b0\n[c00000000892a860] really_probe+0x140/0x680\n[c00000000892aefc] driver_probe_device+0x15c/0x200\n[c00000000892b63c] device_driver_attach+0xcc/0xe0\n[c00000000892b740] __driver_attach+0xf0/0x200\n[c000000008926f28] bus_for_each_dev+0xa8/0x130\n[c000000008929ce4] driver_attach+0x34/0x50\n[c000000008928fc0] bus_add_driver+0x1b0/0x300\n[c00000000892c798] driver_register+0x98/0x1a0\n[c00000000810eb60] __vio_register_driver+0x80/0xe0\n[c0080000190b4a30] ibmvscsi_module_init+0x9c/0xdc [ibmvscsi]\n[c0000000080121d0] do_one_initcall+0x60/0x2d0\n[c000000008261abc] do_init_module+0x7c/0x320\n[c000000008265700] load_module+0x2350/0x25b0\n[c000000008265cb4] __do_sys_finit_module+0xd4/0x160\n[c000000008031110] system_call_exception+0x150/0x2d0\n[c00000000800d35c] system_call_common+0xec/0x278\n\nFix this be nulling shost-\u003eehandler when the kthread fails to spawn.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47337",
"url": "https://www.suse.com/security/cve/CVE-2021-47337"
},
{
"category": "external",
"summary": "SUSE Bug 1224926 for CVE-2021-47337",
"url": "https://bugzilla.suse.com/1224926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47337"
},
{
"cve": "CVE-2021-47343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47343"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm btree remove: assign new_root only when removal succeeds\n\nremove_raw() in dm_btree_remove() may fail due to IO read error\n(e.g. read the content of origin block fails during shadowing),\nand the value of shadow_spine::root is uninitialized, but\nthe uninitialized value is still assign to new_root in the\nend of dm_btree_remove().\n\nFor dm-thin, the value of pmd-\u003edetails_root or pmd-\u003eroot will become\nan uninitialized value, so if trying to read details_info tree again\nout-of-bound memory may occur as showed below:\n\n general protection fault, probably for non-canonical address 0x3fdcb14c8d7520\n CPU: 4 PID: 515 Comm: dmsetup Not tainted 5.13.0-rc6\n Hardware name: QEMU Standard PC\n RIP: 0010:metadata_ll_load_ie+0x14/0x30\n Call Trace:\n sm_metadata_count_is_more_than_one+0xb9/0xe0\n dm_tm_shadow_block+0x52/0x1c0\n shadow_step+0x59/0xf0\n remove_raw+0xb2/0x170\n dm_btree_remove+0xf4/0x1c0\n dm_pool_delete_thin_device+0xc3/0x140\n pool_message+0x218/0x2b0\n target_message+0x251/0x290\n ctl_ioctl+0x1c4/0x4d0\n dm_ctl_ioctl+0xe/0x20\n __x64_sys_ioctl+0x7b/0xb0\n do_syscall_64+0x40/0xb0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFixing it by only assign new_root when removal succeeds",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47343",
"url": "https://www.suse.com/security/cve/CVE-2021-47343"
},
{
"category": "external",
"summary": "SUSE Bug 1225155 for CVE-2021-47343",
"url": "https://bugzilla.suse.com/1225155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47343"
},
{
"cve": "CVE-2021-47344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47344"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: zr364xx: fix memory leak in zr364xx_start_readpipe\n\nsyzbot reported memory leak in zr364xx driver.\nThe problem was in non-freed urb in case of\nusb_submit_urb() fail.\n\nbacktrace:\n [\u003cffffffff82baedf6\u003e] kmalloc include/linux/slab.h:561 [inline]\n [\u003cffffffff82baedf6\u003e] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74\n [\u003cffffffff82f7cce8\u003e] zr364xx_start_readpipe+0x78/0x130 drivers/media/usb/zr364xx/zr364xx.c:1022\n [\u003cffffffff84251dfc\u003e] zr364xx_board_init drivers/media/usb/zr364xx/zr364xx.c:1383 [inline]\n [\u003cffffffff84251dfc\u003e] zr364xx_probe+0x6a3/0x851 drivers/media/usb/zr364xx/zr364xx.c:1516\n [\u003cffffffff82bb6507\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [\u003cffffffff826018a9\u003e] really_probe+0x159/0x500 drivers/base/dd.c:576",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47344",
"url": "https://www.suse.com/security/cve/CVE-2021-47344"
},
{
"category": "external",
"summary": "SUSE Bug 1224922 for CVE-2021-47344",
"url": "https://bugzilla.suse.com/1224922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47344"
},
{
"cve": "CVE-2021-47345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix rdma_resolve_route() memory leak\n\nFix a memory leak when \"mda_resolve_route() is called more than once on\nthe same \"rdma_cm_id\".\n\nThis is possible if cma_query_handler() triggers the\nRDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and\nallows rdma_resolve_route() to be called again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47345",
"url": "https://www.suse.com/security/cve/CVE-2021-47345"
},
{
"category": "external",
"summary": "SUSE Bug 1225157 for CVE-2021-47345",
"url": "https://bugzilla.suse.com/1225157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47345"
},
{
"cve": "CVE-2021-47347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47347"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwl1251: Fix possible buffer overflow in wl1251_cmd_scan\n\nFunction wl1251_cmd_scan calls memcpy without checking the length.\nHarden by checking the length is within the maximum allowed size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47347",
"url": "https://www.suse.com/security/cve/CVE-2021-47347"
},
{
"category": "external",
"summary": "SUSE Bug 1225177 for CVE-2021-47347",
"url": "https://bugzilla.suse.com/1225177"
},
{
"category": "external",
"summary": "SUSE Bug 1225305 for CVE-2021-47347",
"url": "https://bugzilla.suse.com/1225305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47347"
},
{
"cve": "CVE-2021-47352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: Add validation for used length\n\nThis adds validation for used length (might come\nfrom an untrusted device) to avoid data corruption\nor loss.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47352",
"url": "https://www.suse.com/security/cve/CVE-2021-47352"
},
{
"category": "external",
"summary": "SUSE Bug 1225124 for CVE-2021-47352",
"url": "https://bugzilla.suse.com/1225124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47352"
},
{
"cve": "CVE-2021-47353",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47353"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix NULL pointer dereference in udf_symlink function\n\nIn function udf_symlink, epos.bh is assigned with the value returned\nby udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c\nand returns the value of sb_getblk function that could be NULL.\nThen, epos.bh is used without any check, causing a possible\nNULL pointer dereference when sb_getblk fails.\n\nThis fix adds a check to validate the value of epos.bh.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47353",
"url": "https://www.suse.com/security/cve/CVE-2021-47353"
},
{
"category": "external",
"summary": "SUSE Bug 1225128 for CVE-2021-47353",
"url": "https://bugzilla.suse.com/1225128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47353"
},
{
"cve": "CVE-2021-47355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47355"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: nicstar: Fix possible use-after-free in nicstar_cleanup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47355",
"url": "https://www.suse.com/security/cve/CVE-2021-47355"
},
{
"category": "external",
"summary": "SUSE Bug 1225141 for CVE-2021-47355",
"url": "https://bugzilla.suse.com/1225141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47355"
},
{
"cve": "CVE-2021-47356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47356"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible use-after-free in HFC_cleanup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47356",
"url": "https://www.suse.com/security/cve/CVE-2021-47356"
},
{
"category": "external",
"summary": "SUSE Bug 1225143 for CVE-2021-47356",
"url": "https://bugzilla.suse.com/1225143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47356"
},
{
"cve": "CVE-2021-47357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47357"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: iphase: fix possible use-after-free in ia_module_exit()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47357",
"url": "https://www.suse.com/security/cve/CVE-2021-47357"
},
{
"category": "external",
"summary": "SUSE Bug 1225144 for CVE-2021-47357",
"url": "https://bugzilla.suse.com/1225144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47357"
},
{
"cve": "CVE-2021-47361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmcb: fix error handling in mcb_alloc_bus()\n\nThere are two bugs:\n1) If ida_simple_get() fails then this code calls put_device(carrier)\n but we haven\u0027t yet called get_device(carrier) and probably that\n leads to a use after free.\n2) After device_initialize() then we need to use put_device() to\n release the bus. This will free the internal resources tied to the\n device and call mcb_free_bus() which will free the rest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47361",
"url": "https://www.suse.com/security/cve/CVE-2021-47361"
},
{
"category": "external",
"summary": "SUSE Bug 1225151 for CVE-2021-47361",
"url": "https://bugzilla.suse.com/1225151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47361"
},
{
"cve": "CVE-2021-47362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Update intermediate power state for SI\n\nUpdate the current state as boot state during dpm initialization.\nDuring the subsequent initialization, set_power_state gets called to\ntransition to the final power state. set_power_state refers to values\nfrom the current state and without current state populated, it could\nresult in NULL pointer dereference.\n\nFor ex: on platforms where PCI speed change is supported through ACPI\nATCS method, the link speed of current state needs to be queried before\ndeciding on changing to final power state\u0027s link speed. The logic to query\nATCS-support was broken on certain platforms. The issue became visible\nwhen broken ATCS-support logic got fixed with commit\nf9b7f3703ff9 (\"drm/amdgpu/acpi: make ATPX/ATCS structures global (v2)\").\n\nBug: https://gitlab.freedesktop.org/drm/amd/-/issues/1698",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47362",
"url": "https://www.suse.com/security/cve/CVE-2021-47362"
},
{
"category": "external",
"summary": "SUSE Bug 1225153 for CVE-2021-47362",
"url": "https://bugzilla.suse.com/1225153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47362"
},
{
"cve": "CVE-2021-47369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47369"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: fix NULL deref in qeth_clear_working_pool_list()\n\nWhen qeth_set_online() calls qeth_clear_working_pool_list() to roll\nback after an error exit from qeth_hardsetup_card(), we are at risk of\naccessing card-\u003eqdio.in_q before it was allocated by\nqeth_alloc_qdio_queues() via qeth_mpc_initialize().\n\nqeth_clear_working_pool_list() then dereferences NULL, and by writing to\nqueue-\u003ebufs[i].pool_entry scribbles all over the CPU\u0027s lowcore.\nResulting in a crash when those lowcore areas are used next (eg. on\nthe next machine-check interrupt).\n\nSuch a scenario would typically happen when the device is first set\nonline and its queues aren\u0027t allocated yet. An early IO error or certain\nmisconfigs (eg. mismatched transport mode, bad portno) then cause us to\nerror out from qeth_hardsetup_card() with card-\u003eqdio.in_q still being\nNULL.\n\nFix it by checking the pointer for NULL before accessing it.\n\nNote that we also have (rare) paths inside qeth_mpc_initialize() where\na configuration change can cause us to free the existing queues,\nexpecting that subsequent code will allocate them again. If we then\nerror out before that re-allocation happens, the same bug occurs.\n\nRoot-caused-by: Heiko Carstens \u003chca@linux.ibm.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47369",
"url": "https://www.suse.com/security/cve/CVE-2021-47369"
},
{
"category": "external",
"summary": "SUSE Bug 1225164 for CVE-2021-47369",
"url": "https://bugzilla.suse.com/1225164"
},
{
"category": "external",
"summary": "SUSE Bug 1227324 for CVE-2021-47369",
"url": "https://bugzilla.suse.com/1227324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47369"
},
{
"cve": "CVE-2021-47375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47375"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblktrace: Fix uaf in blk_trace access after removing by sysfs\n\nThere is an use-after-free problem triggered by following process:\n\n P1(sda)\t\t\t\tP2(sdb)\n\t\t\techo 0 \u003e /sys/block/sdb/trace/enable\n\t\t\t blk_trace_remove_queue\n\t\t\t synchronize_rcu\n\t\t\t blk_trace_free\n\t\t\t relay_close\nrcu_read_lock\n__blk_add_trace\n trace_note_tsk\n (Iterate running_trace_list)\n\t\t\t relay_close_buf\n\t\t\t\t relay_destroy_buf\n\t\t\t\t kfree(buf)\n trace_note(sdb\u0027s bt)\n relay_reserve\n buf-\u003eoffset \u003c- nullptr deference (use-after-free) !!!\nrcu_read_unlock\n\n[ 502.714379] BUG: kernel NULL pointer dereference, address:\n0000000000000010\n[ 502.715260] #PF: supervisor read access in kernel mode\n[ 502.715903] #PF: error_code(0x0000) - not-present page\n[ 502.716546] PGD 103984067 P4D 103984067 PUD 17592b067 PMD 0\n[ 502.717252] Oops: 0000 [#1] SMP\n[ 502.720308] RIP: 0010:trace_note.isra.0+0x86/0x360\n[ 502.732872] Call Trace:\n[ 502.733193] __blk_add_trace.cold+0x137/0x1a3\n[ 502.733734] blk_add_trace_rq+0x7b/0xd0\n[ 502.734207] blk_add_trace_rq_issue+0x54/0xa0\n[ 502.734755] blk_mq_start_request+0xde/0x1b0\n[ 502.735287] scsi_queue_rq+0x528/0x1140\n...\n[ 502.742704] sg_new_write.isra.0+0x16e/0x3e0\n[ 502.747501] sg_ioctl+0x466/0x1100\n\nReproduce method:\n ioctl(/dev/sda, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sda, BLKTRACESTART)\n ioctl(/dev/sdb, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sdb, BLKTRACESTART)\n\n echo 0 \u003e /sys/block/sdb/trace/enable \u0026\n // Add delay(mdelay/msleep) before kernel enters blk_trace_free()\n\n ioctl$SG_IO(/dev/sda, SG_IO, ...)\n // Enters trace_note_tsk() after blk_trace_free() returned\n // Use mdelay in rcu region rather than msleep(which may schedule out)\n\nRemove blk_trace from running_list before calling blk_trace_free() by\nsysfs if blk_trace is at Blktrace_running state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47375",
"url": "https://www.suse.com/security/cve/CVE-2021-47375"
},
{
"category": "external",
"summary": "SUSE Bug 1225193 for CVE-2021-47375",
"url": "https://bugzilla.suse.com/1225193"
},
{
"category": "external",
"summary": "SUSE Bug 1225194 for CVE-2021-47375",
"url": "https://bugzilla.suse.com/1225194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47375"
},
{
"cve": "CVE-2021-47378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: destroy cm id before destroy qp to avoid use after free\n\nWe should always destroy cm_id before destroy qp to avoid to get cma\nevent after qp was destroyed, which may lead to use after free.\nIn RDMA connection establishment error flow, don\u0027t destroy qp in cm\nevent handler.Just report cm_error to upper level, qp will be destroy\nin nvme_rdma_alloc_queue() after destroy cm id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47378",
"url": "https://www.suse.com/security/cve/CVE-2021-47378"
},
{
"category": "external",
"summary": "SUSE Bug 1225201 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "external",
"summary": "SUSE Bug 1225202 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47378"
},
{
"cve": "CVE-2021-47382",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47382"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: fix deadlock during failing recovery\n\nCommit 0b9902c1fcc5 (\"s390/qeth: fix deadlock during recovery\") removed\ntaking discipline_mutex inside qeth_do_reset(), fixing potential\ndeadlocks. An error path was missed though, that still takes\ndiscipline_mutex and thus has the original deadlock potential.\n\nIntermittent deadlocks were seen when a qeth channel path is configured\noffline, causing a race between qeth_do_reset and ccwgroup_remove.\nCall qeth_set_offline() directly in the qeth_do_reset() error case and\nthen a new variant of ccwgroup_set_offline(), without taking\ndiscipline_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47382",
"url": "https://www.suse.com/security/cve/CVE-2021-47382"
},
{
"category": "external",
"summary": "SUSE Bug 1225207 for CVE-2021-47382",
"url": "https://bugzilla.suse.com/1225207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47382"
},
{
"cve": "CVE-2021-47383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn\u0027t call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display-\u003evrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47383",
"url": "https://www.suse.com/security/cve/CVE-2021-47383"
},
{
"category": "external",
"summary": "SUSE Bug 1225208 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "external",
"summary": "SUSE Bug 1225211 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47383"
},
{
"cve": "CVE-2021-47391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests\n\nThe FSM can run in a circle allowing rdma_resolve_ip() to be called twice\non the same id_priv. While this cannot happen without going through the\nwork, it violates the invariant that the same address resolution\nbackground request cannot be active twice.\n\n CPU 1 CPU 2\n\nrdma_resolve_addr():\n RDMA_CM_IDLE -\u003e RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler) #1\n\n\t\t\t process_one_req(): for #1\n addr_handler():\n RDMA_CM_ADDR_QUERY -\u003e RDMA_CM_ADDR_BOUND\n mutex_unlock(\u0026id_priv-\u003ehandler_mutex);\n [.. handler still running ..]\n\nrdma_resolve_addr():\n RDMA_CM_ADDR_BOUND -\u003e RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler)\n !! two requests are now on the req_list\n\nrdma_destroy_id():\n destroy_id_handler_unlock():\n _destroy_id():\n cma_cancel_operation():\n rdma_addr_cancel()\n\n // process_one_req() self removes it\n\t\t spin_lock_bh(\u0026lock);\n cancel_delayed_work(\u0026req-\u003ework);\n\t if (!list_empty(\u0026req-\u003elist)) == true\n\n ! rdma_addr_cancel() returns after process_on_req #1 is done\n\n kfree(id_priv)\n\n\t\t\t process_one_req(): for #2\n addr_handler():\n\t mutex_lock(\u0026id_priv-\u003ehandler_mutex);\n !! Use after free on id_priv\n\nrdma_addr_cancel() expects there to be one req on the list and only\ncancels the first one. The self-removal behavior of the work only happens\nafter the handler has returned. This yields a situations where the\nreq_list can have two reqs for the same \"handle\" but rdma_addr_cancel()\nonly cancels the first one.\n\nThe second req remains active beyond rdma_destroy_id() and will\nuse-after-free id_priv once it inevitably triggers.\n\nFix this by remembering if the id_priv has called rdma_resolve_ip() and\nalways cancel before calling it again. This ensures the req_list never\ngets more than one item in it and doesn\u0027t cost anything in the normal flow\nthat never uses this strange error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47391",
"url": "https://www.suse.com/security/cve/CVE-2021-47391"
},
{
"category": "external",
"summary": "SUSE Bug 1225318 for CVE-2021-47391",
"url": "https://bugzilla.suse.com/1225318"
},
{
"category": "external",
"summary": "SUSE Bug 1225319 for CVE-2021-47391",
"url": "https://bugzilla.suse.com/1225319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47391"
},
{
"cve": "CVE-2021-47397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb\n\nWe should always check if skb_header_pointer\u0027s return is NULL before\nusing it, otherwise it may cause null-ptr-deref, as syzbot reported:\n\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:sctp_rcv_ootb net/sctp/input.c:705 [inline]\n RIP: 0010:sctp_rcv+0x1d84/0x3220 net/sctp/input.c:196\n Call Trace:\n \u003cIRQ\u003e\n sctp6_rcv+0x38/0x60 net/sctp/ipv6.c:1109\n ip6_protocol_deliver_rcu+0x2e9/0x1ca0 net/ipv6/ip6_input.c:422\n ip6_input_finish+0x62/0x170 net/ipv6/ip6_input.c:463\n NF_HOOK include/linux/netfilter.h:307 [inline]\n NF_HOOK include/linux/netfilter.h:301 [inline]\n ip6_input+0x9c/0xd0 net/ipv6/ip6_input.c:472\n dst_input include/net/dst.h:460 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline]\n NF_HOOK include/linux/netfilter.h:307 [inline]\n NF_HOOK include/linux/netfilter.h:301 [inline]\n ipv6_rcv+0x28c/0x3c0 net/ipv6/ip6_input.c:297",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47397",
"url": "https://www.suse.com/security/cve/CVE-2021-47397"
},
{
"category": "external",
"summary": "SUSE Bug 1225082 for CVE-2021-47397",
"url": "https://bugzilla.suse.com/1225082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47397"
},
{
"cve": "CVE-2021-47400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47400"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: do not allow call hns3_nic_net_open repeatedly\n\nhns3_nic_net_open() is not allowed to called repeatly, but there\nis no checking for this. When doing device reset and setup tc\nconcurrently, there is a small oppotunity to call hns3_nic_net_open\nrepeatedly, and cause kernel bug by calling napi_enable twice.\n\nThe calltrace information is like below:\n[ 3078.222780] ------------[ cut here ]------------\n[ 3078.230255] kernel BUG at net/core/dev.c:6991!\n[ 3078.236224] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[ 3078.243431] Modules linked in: hns3 hclgevf hclge hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)\n[ 3078.258880] CPU: 0 PID: 295 Comm: kworker/u8:5 Tainted: G O 5.14.0-rc4+ #1\n[ 3078.269102] Hardware name: , BIOS KpxxxFPGA 1P B600 V181 08/12/2021\n[ 3078.276801] Workqueue: hclge hclge_service_task [hclge]\n[ 3078.288774] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[ 3078.296168] pc : napi_enable+0x80/0x84\ntc qdisc sho[w 3d0e7v8 .e3t0h218 79] lr : hns3_nic_net_open+0x138/0x510 [hns3]\n\n[ 3078.314771] sp : ffff8000108abb20\n[ 3078.319099] x29: ffff8000108abb20 x28: 0000000000000000 x27: ffff0820a8490300\n[ 3078.329121] x26: 0000000000000001 x25: ffff08209cfc6200 x24: 0000000000000000\n[ 3078.339044] x23: ffff0820a8490300 x22: ffff08209cd76000 x21: ffff0820abfe3880\n[ 3078.349018] x20: 0000000000000000 x19: ffff08209cd76900 x18: 0000000000000000\n[ 3078.358620] x17: 0000000000000000 x16: ffffc816e1727a50 x15: 0000ffff8f4ff930\n[ 3078.368895] x14: 0000000000000000 x13: 0000000000000000 x12: 0000259e9dbeb6b4\n[ 3078.377987] x11: 0096a8f7e764eb40 x10: 634615ad28d3eab5 x9 : ffffc816ad8885b8\n[ 3078.387091] x8 : ffff08209cfc6fb8 x7 : ffff0820ac0da058 x6 : ffff0820a8490344\n[ 3078.396356] x5 : 0000000000000140 x4 : 0000000000000003 x3 : ffff08209cd76938\n[ 3078.405365] x2 : 0000000000000000 x1 : 0000000000000010 x0 : ffff0820abfe38a0\n[ 3078.414657] Call trace:\n[ 3078.418517] napi_enable+0x80/0x84\n[ 3078.424626] hns3_reset_notify_up_enet+0x78/0xd0 [hns3]\n[ 3078.433469] hns3_reset_notify+0x64/0x80 [hns3]\n[ 3078.441430] hclge_notify_client+0x68/0xb0 [hclge]\n[ 3078.450511] hclge_reset_rebuild+0x524/0x884 [hclge]\n[ 3078.458879] hclge_reset_service_task+0x3c4/0x680 [hclge]\n[ 3078.467470] hclge_service_task+0xb0/0xb54 [hclge]\n[ 3078.475675] process_one_work+0x1dc/0x48c\n[ 3078.481888] worker_thread+0x15c/0x464\n[ 3078.487104] kthread+0x160/0x170\n[ 3078.492479] ret_from_fork+0x10/0x18\n[ 3078.498785] Code: c8027c81 35ffffa2 d50323bf d65f03c0 (d4210000)\n[ 3078.506889] ---[ end trace 8ebe0340a1b0fb44 ]---\n\nOnce hns3_nic_net_open() is excute success, the flag\nHNS3_NIC_STATE_DOWN will be cleared. So add checking for this\nflag, directly return when HNS3_NIC_STATE_DOWN is no set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47400",
"url": "https://www.suse.com/security/cve/CVE-2021-47400"
},
{
"category": "external",
"summary": "SUSE Bug 1225329 for CVE-2021-47400",
"url": "https://bugzilla.suse.com/1225329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47400"
},
{
"cve": "CVE-2021-47401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipack: ipoctal: fix stack information leak\n\nThe tty driver name is used also after registering the driver and must\nspecifically not be allocated on the stack to avoid leaking information\nto user space (or triggering an oops).\n\nDrivers should not try to encode topology information in the tty device\nname but this one snuck in through staging without anyone noticing and\nanother driver has since copied this malpractice.\n\nFixing the ABI is a separate issue, but this at least plugs the security\nhole.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47401",
"url": "https://www.suse.com/security/cve/CVE-2021-47401"
},
{
"category": "external",
"summary": "SUSE Bug 1225242 for CVE-2021-47401",
"url": "https://bugzilla.suse.com/1225242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47401"
},
{
"cve": "CVE-2021-47404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: fix slab-out-of-bounds Write in betop_probe\n\nSyzbot reported slab-out-of-bounds Write bug in hid-betopff driver.\nThe problem is the driver assumes the device must have an input report but\nsome malicious devices violate this assumption.\n\nSo this patch checks hid_device\u0027s input is non empty before it\u0027s been used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47404",
"url": "https://www.suse.com/security/cve/CVE-2021-47404"
},
{
"category": "external",
"summary": "SUSE Bug 1225303 for CVE-2021-47404",
"url": "https://bugzilla.suse.com/1225303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47404"
},
{
"cve": "CVE-2021-47409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47409"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47409",
"url": "https://www.suse.com/security/cve/CVE-2021-47409"
},
{
"category": "external",
"summary": "SUSE Bug 1225330 for CVE-2021-47409",
"url": "https://bugzilla.suse.com/1225330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47409"
},
{
"cve": "CVE-2021-47416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: mdio: fix memory leak\n\nSyzbot reported memory leak in MDIO bus interface, the problem was in\nwrong state logic.\n\nMDIOBUS_ALLOCATED indicates 2 states:\n\t1. Bus is only allocated\n\t2. Bus allocated and __mdiobus_register() fails, but\n\t device_register() was called\n\nIn case of device_register() has been called we should call put_device()\nto correctly free the memory allocated for this device, but mdiobus_free()\ncalls just kfree(dev) in case of MDIOBUS_ALLOCATED state\n\nTo avoid this behaviour we need to set bus-\u003estate to MDIOBUS_UNREGISTERED\n_before_ calling device_register(), because put_device() should be\ncalled even in case of device_register() failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47416",
"url": "https://www.suse.com/security/cve/CVE-2021-47416"
},
{
"category": "external",
"summary": "SUSE Bug 1225189 for CVE-2021-47416",
"url": "https://bugzilla.suse.com/1225189"
},
{
"category": "external",
"summary": "SUSE Bug 1225336 for CVE-2021-47416",
"url": "https://bugzilla.suse.com/1225336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47416"
},
{
"cve": "CVE-2021-47423",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47423"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/debugfs: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47423",
"url": "https://www.suse.com/security/cve/CVE-2021-47423"
},
{
"category": "external",
"summary": "SUSE Bug 1225366 for CVE-2021-47423",
"url": "https://bugzilla.suse.com/1225366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47423"
},
{
"cve": "CVE-2021-47424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47424"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n Trying to free already-free IRQ 266\n WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__free_irq+0x9a/0x300\n Call Trace:\n ? synchronize_irq+0x3a/0xa0\n free_irq+0x2e/0x60\n i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n i40e_probe.part.108+0x134b/0x1a40 [i40e]\n ? kmem_cache_alloc+0x158/0x1c0\n ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n ? acpi_ut_update_object_reference+0x15e/0x1e2\n ? strstr+0x21/0x70\n ? irq_get_irq_data+0xa/0x20\n ? mp_check_pin_attr+0x13/0xc0\n ? irq_get_irq_data+0xa/0x20\n ? mp_map_pin_to_irq+0xd3/0x2f0\n ? acpi_register_gsi_ioapic+0x93/0x170\n ? pci_conf1_read+0xa4/0x100\n ? pci_bus_read_config_word+0x49/0x70\n ? do_pci_enable_device+0xcc/0x100\n local_pci_probe+0x41/0x90\n work_for_cpu_fn+0x16/0x20\n process_one_work+0x1a7/0x360\n worker_thread+0x1cf/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x112/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47424",
"url": "https://www.suse.com/security/cve/CVE-2021-47424"
},
{
"category": "external",
"summary": "SUSE Bug 1225367 for CVE-2021-47424",
"url": "https://bugzilla.suse.com/1225367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47424"
},
{
"cve": "CVE-2021-47431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix gart.bo pin_count leak\n\ngmc_v{9,10}_0_gart_disable() isn\u0027t called matched with\ncorrespoding gart_enbale function in SRIOV case. This will\nlead to gart.bo pin_count leak on driver unload.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47431",
"url": "https://www.suse.com/security/cve/CVE-2021-47431"
},
{
"category": "external",
"summary": "SUSE Bug 1225390 for CVE-2021-47431",
"url": "https://bugzilla.suse.com/1225390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47431"
},
{
"cve": "CVE-2021-47435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1 task2\ndo_resume\n -\u003edo_suspend\n -\u003edm_wait_for_completion\n bio_endio\n\t\t\t\t -\u003eclone_endio\n\t\t\t\t -\u003edm_io_dec_pending\n\t\t\t\t -\u003eend_io_acct\n\t\t\t\t -\u003ewakeup task1\n -\u003edm_swap_table\n -\u003e__bind\n -\u003e__bind_mempools\n -\u003ebioset_exit\n -\u003emempool_exit\n -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47435",
"url": "https://www.suse.com/security/cve/CVE-2021-47435"
},
{
"category": "external",
"summary": "SUSE Bug 1225247 for CVE-2021-47435",
"url": "https://bugzilla.suse.com/1225247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47435"
},
{
"cve": "CVE-2021-47436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: dsps: Fix the probe error path\n\nCommit 7c75bde329d7 (\"usb: musb: musb_dsps: request_irq() after\ninitializing musb\") has inverted the calls to\ndsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without\nupdating correctly the error path. dsps_create_musb_pdev() allocates and\nregisters a new platform device which must be unregistered and freed\nwith platform_device_unregister(), and this is missing upon\ndsps_setup_optional_vbus_irq() error.\n\nWhile on the master branch it seems not to trigger any issue, I observed\na kernel crash because of a NULL pointer dereference with a v5.10.70\nstable kernel where the patch mentioned above was backported. With this\nkernel version, -EPROBE_DEFER is returned the first time\ndsps_setup_optional_vbus_irq() is called which triggers the probe to\nerror out without unregistering the platform device. Unfortunately, on\nthe Beagle Bone Black Wireless, the platform device still living in the\nsystem is being used by the USB Ethernet gadget driver, which during the\nboot phase triggers the crash.\n\nMy limited knowledge of the musb world prevents me to revert this commit\nwhich was sent to silence a robot warning which, as far as I understand,\ndoes not make sense. The goal of this patch was to prevent an IRQ to\nfire before the platform device being registered. I think this cannot\never happen due to the fact that enabling the interrupts is done by the\n-\u003eenable() callback of the platform musb device, and this platform\ndevice must be already registered in order for the core or any other\nuser to use this callback.\n\nHence, I decided to fix the error path, which might prevent future\nerrors on mainline kernels while also fixing older ones.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47436",
"url": "https://www.suse.com/security/cve/CVE-2021-47436"
},
{
"category": "external",
"summary": "SUSE Bug 1225244 for CVE-2021-47436",
"url": "https://bugzilla.suse.com/1225244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47436"
},
{
"cve": "CVE-2021-47456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_pci: peak_pci_remove(): fix UAF\n\nWhen remove the module peek_pci, referencing \u0027chan\u0027 again after\nreleasing \u0027dev\u0027 will cause UAF.\n\nFix this by releasing \u0027dev\u0027 later.\n\nThe following log reveals it:\n\n[ 35.961814 ] BUG: KASAN: use-after-free in peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.963414 ] Read of size 8 at addr ffff888136998ee8 by task modprobe/5537\n[ 35.965513 ] Call Trace:\n[ 35.965718 ] dump_stack_lvl+0xa8/0xd1\n[ 35.966028 ] print_address_description+0x87/0x3b0\n[ 35.966420 ] kasan_report+0x172/0x1c0\n[ 35.966725 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967137 ] ? trace_irq_enable_rcuidle+0x10/0x170\n[ 35.967529 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967945 ] __asan_report_load8_noabort+0x14/0x20\n[ 35.968346 ] peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.968752 ] pci_device_remove+0xa9/0x250",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47456",
"url": "https://www.suse.com/security/cve/CVE-2021-47456"
},
{
"category": "external",
"summary": "SUSE Bug 1225256 for CVE-2021-47456",
"url": "https://bugzilla.suse.com/1225256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47456"
},
{
"cve": "CVE-2021-47458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: mount fails with buffer overflow in strlen\n\nStarting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an\nocfs2 filesystem with either o2cb or pcmk cluster stack fails with the\ntrace below. Problem seems to be that strings for cluster stack and\ncluster name are not guaranteed to be null terminated in the disk\nrepresentation, while strlcpy assumes that the source string is always\nnull terminated. This causes a read outside of the source string\ntriggering the buffer overflow detection.\n\n detected buffer overflow in strlen\n ------------[ cut here ]------------\n kernel BUG at lib/string.c:1149!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 1 PID: 910 Comm: mount.ocfs2 Not tainted 5.14.0-1-amd64 #1\n Debian 5.14.6-2\n RIP: 0010:fortify_panic+0xf/0x11\n ...\n Call Trace:\n ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]\n ocfs2_fill_super+0x359/0x19b0 [ocfs2]\n mount_bdev+0x185/0x1b0\n legacy_get_tree+0x27/0x40\n vfs_get_tree+0x25/0xb0\n path_mount+0x454/0xa20\n __x64_sys_mount+0x103/0x140\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47458",
"url": "https://www.suse.com/security/cve/CVE-2021-47458"
},
{
"category": "external",
"summary": "SUSE Bug 1225252 for CVE-2021-47458",
"url": "https://bugzilla.suse.com/1225252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47458"
},
{
"cve": "CVE-2021-47460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47460"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption after conversion from inline format\n\nCommit 6dbf7bb55598 (\"fs: Don\u0027t invalidate page buffers in\nblock_write_full_page()\") uncovered a latent bug in ocfs2 conversion\nfrom inline inode format to a normal inode format.\n\nThe code in ocfs2_convert_inline_data_to_extents() attempts to zero out\nthe whole cluster allocated for file data by grabbing, zeroing, and\ndirtying all pages covering this cluster. However these pages are\nbeyond i_size, thus writeback code generally ignores these dirty pages\nand no blocks were ever actually zeroed on the disk.\n\nThis oversight was fixed by commit 693c241a5f6a (\"ocfs2: No need to zero\npages past i_size.\") for standard ocfs2 write path, inline conversion\npath was apparently forgotten; the commit log also has a reasoning why\nthe zeroing actually is not needed.\n\nAfter commit 6dbf7bb55598, things became worse as writeback code stopped\ninvalidating buffers on pages beyond i_size and thus these pages end up\nwith clean PageDirty bit but with buffers attached to these pages being\nstill dirty. So when a file is converted from inline format, then\nwriteback triggers, and then the file is grown so that these pages\nbecome valid, the invalid dirtiness state is preserved,\nmark_buffer_dirty() does nothing on these pages (buffers are already\ndirty) but page is never written back because it is clean. So data\nwritten to these pages is lost once pages are reclaimed.\n\nSimple reproducer for the problem is:\n\n xfs_io -f -c \"pwrite 0 2000\" -c \"pwrite 2000 2000\" -c \"fsync\" \\\n -c \"pwrite 4000 2000\" ocfs2_file\n\nAfter unmounting and mounting the fs again, you can observe that end of\n\u0027ocfs2_file\u0027 has lost its contents.\n\nFix the problem by not doing the pointless zeroing during conversion\nfrom inline format similarly as in the standard write path.\n\n[akpm@linux-foundation.org: fix whitespace, per Joseph]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47460",
"url": "https://www.suse.com/security/cve/CVE-2021-47460"
},
{
"category": "external",
"summary": "SUSE Bug 1225251 for CVE-2021-47460",
"url": "https://bugzilla.suse.com/1225251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47460"
},
{
"cve": "CVE-2021-47469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47469"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47469",
"url": "https://www.suse.com/security/cve/CVE-2021-47469"
},
{
"category": "external",
"summary": "SUSE Bug 1225347 for CVE-2021-47469",
"url": "https://bugzilla.suse.com/1225347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47469"
},
{
"cve": "CVE-2021-47472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47472"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47472",
"url": "https://www.suse.com/security/cve/CVE-2021-47472"
},
{
"category": "external",
"summary": "SUSE Bug 1225189 for CVE-2021-47472",
"url": "https://bugzilla.suse.com/1225189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47472"
},
{
"cve": "CVE-2021-47473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()\n\nCommit 8c0eb596baa5 (\"[SCSI] qla2xxx: Fix a memory leak in an error path of\nqla2x00_process_els()\"), intended to change:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_HST_ELS_NOLOGIN\n\n\n bsg_job-\u003erequest-\u003emsgcode != FC_BSG_RPT_ELS\n\nbut changed it to:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_RPT_ELS\n\ninstead.\n\nChange the == to a != to avoid leaking the fcport structure or freeing\nunallocated memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47473",
"url": "https://www.suse.com/security/cve/CVE-2021-47473"
},
{
"category": "external",
"summary": "SUSE Bug 1225192 for CVE-2021-47473",
"url": "https://bugzilla.suse.com/1225192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2021-47473"
},
{
"cve": "CVE-2021-47478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Fix out of bound access for corrupted isofs image\n\nWhen isofs image is suitably corrupted isofs_read_inode() can read data\nbeyond the end of buffer. Sanity-check the directory entry length before\nusing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47478",
"url": "https://www.suse.com/security/cve/CVE-2021-47478"
},
{
"category": "external",
"summary": "SUSE Bug 1225198 for CVE-2021-47478",
"url": "https://bugzilla.suse.com/1225198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47478"
},
{
"cve": "CVE-2021-47480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Put LLD module refcnt after SCSI device is released\n\nSCSI host release is triggered when SCSI device is freed. We have to make\nsure that the low-level device driver module won\u0027t be unloaded before SCSI\nhost instance is released because shost-\u003ehostt is required in the release\nhandler.\n\nMake sure to put LLD module refcnt after SCSI device is released.\n\nFixes a kernel panic of \u0027BUG: unable to handle page fault for address\u0027\nreported by Changhui and Yi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47480",
"url": "https://www.suse.com/security/cve/CVE-2021-47480"
},
{
"category": "external",
"summary": "SUSE Bug 1225322 for CVE-2021-47480",
"url": "https://bugzilla.suse.com/1225322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47480"
},
{
"cve": "CVE-2021-47483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: Fix possible double-free in regcache_rbtree_exit()\n\nIn regcache_rbtree_insert_to_block(), when \u0027present\u0027 realloc failed,\nthe \u0027blk\u0027 which is supposed to assign to \u0027rbnode-\u003eblock\u0027 will be freed,\nso \u0027rbnode-\u003eblock\u0027 points a freed memory, in the error handling path of\nregcache_rbtree_init(), \u0027rbnode-\u003eblock\u0027 will be freed again in\nregcache_rbtree_exit(), KASAN will report double-free as follows:\n\nBUG: KASAN: double-free or invalid-free in kfree+0xce/0x390\nCall Trace:\n slab_free_freelist_hook+0x10d/0x240\n kfree+0xce/0x390\n regcache_rbtree_exit+0x15d/0x1a0\n regcache_rbtree_init+0x224/0x2c0\n regcache_init+0x88d/0x1310\n __regmap_init+0x3151/0x4a80\n __devm_regmap_init+0x7d/0x100\n madera_spi_probe+0x10f/0x333 [madera_spi]\n spi_probe+0x183/0x210\n really_probe+0x285/0xc30\n\nTo fix this, moving up the assignment of rbnode-\u003eblock to immediately after\nthe reallocation has succeeded so that the data structure stays valid even\nif the second reallocation fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47483",
"url": "https://www.suse.com/security/cve/CVE-2021-47483"
},
{
"category": "external",
"summary": "SUSE Bug 1224907 for CVE-2021-47483",
"url": "https://bugzilla.suse.com/1224907"
},
{
"category": "external",
"summary": "SUSE Bug 1224908 for CVE-2021-47483",
"url": "https://bugzilla.suse.com/1224908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47483"
},
{
"cve": "CVE-2021-47485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47485"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields\n\nOverflowing either addrlimit or bytes_togo can allow userspace to trigger\na buffer overflow of kernel memory. Check for overflows in all the places\ndoing math on user controlled buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47485",
"url": "https://www.suse.com/security/cve/CVE-2021-47485"
},
{
"category": "external",
"summary": "SUSE Bug 1224904 for CVE-2021-47485",
"url": "https://bugzilla.suse.com/1224904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47485"
},
{
"cve": "CVE-2021-47495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: sanity check for maxpacket\n\nmaxpacket of 0 makes no sense and oopses as we need to divide\nby it. Give up.\n\nV2: fixed typo in log and stylistic issues",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47495",
"url": "https://www.suse.com/security/cve/CVE-2021-47495"
},
{
"category": "external",
"summary": "SUSE Bug 1225351 for CVE-2021-47495",
"url": "https://bugzilla.suse.com/1225351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47495"
},
{
"cve": "CVE-2021-47496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix flipped sign in tls_err_abort() calls\n\nsk-\u003esk_err appears to expect a positive value, a convention that ktls\ndoesn\u0027t always follow and that leads to memory corruption in other code.\nFor instance,\n\n [kworker]\n tls_encrypt_done(..., err=\u003cnegative error from crypto request\u003e)\n tls_err_abort(.., err)\n sk-\u003esk_err = err;\n\n [task]\n splice_from_pipe_feed\n ...\n tls_sw_do_sendpage\n if (sk-\u003esk_err) {\n ret = -sk-\u003esk_err; // ret is positive\n\n splice_from_pipe_feed (continued)\n ret = actor(...) // ret is still positive and interpreted as bytes\n // written, resulting in underflow of buf-\u003elen and\n // sd-\u003elen, leading to huge buf-\u003eoffset and bogus\n // addresses computed in later calls to actor()\n\nFix all tls_err_abort() callers to pass a negative error code\nconsistently and centralize the error-prone sign flip there, throwing in\na warning to catch future misuse and uninlining the function so it\nreally does only warn once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47496",
"url": "https://www.suse.com/security/cve/CVE-2021-47496"
},
{
"category": "external",
"summary": "SUSE Bug 1225354 for CVE-2021-47496",
"url": "https://bugzilla.suse.com/1225354"
},
{
"category": "external",
"summary": "SUSE Bug 1227656 for CVE-2021-47496",
"url": "https://bugzilla.suse.com/1227656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47496"
},
{
"cve": "CVE-2021-47497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47497"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: Fix shift-out-of-bound (UBSAN) with byte size cells\n\nIf a cell has \u0027nbits\u0027 equal to a multiple of BITS_PER_BYTE the logic\n\n *p \u0026= GENMASK((cell-\u003enbits%BITS_PER_BYTE) - 1, 0);\n\nwill become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we\nsubtract one from that making a large number that is then shifted more than the\nnumber of bits that fit into an unsigned long.\n\nUBSAN reports this problem:\n\n UBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8\n shift exponent 64 is too large for 64-bit type \u0027unsigned long\u0027\n CPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9\n Hardware name: Google Lazor (rev3+) with KB Backlight (DT)\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n dump_backtrace+0x0/0x170\n show_stack+0x24/0x30\n dump_stack_lvl+0x64/0x7c\n dump_stack+0x18/0x38\n ubsan_epilogue+0x10/0x54\n __ubsan_handle_shift_out_of_bounds+0x180/0x194\n __nvmem_cell_read+0x1ec/0x21c\n nvmem_cell_read+0x58/0x94\n nvmem_cell_read_variable_common+0x4c/0xb0\n nvmem_cell_read_variable_le_u32+0x40/0x100\n a6xx_gpu_init+0x170/0x2f4\n adreno_bind+0x174/0x284\n component_bind_all+0xf0/0x264\n msm_drm_bind+0x1d8/0x7a0\n try_to_bring_up_master+0x164/0x1ac\n __component_add+0xbc/0x13c\n component_add+0x20/0x2c\n dp_display_probe+0x340/0x384\n platform_probe+0xc0/0x100\n really_probe+0x110/0x304\n __driver_probe_device+0xb8/0x120\n driver_probe_device+0x4c/0xfc\n __device_attach_driver+0xb0/0x128\n bus_for_each_drv+0x90/0xdc\n __device_attach+0xc8/0x174\n device_initial_probe+0x20/0x2c\n bus_probe_device+0x40/0xa4\n deferred_probe_work_func+0x7c/0xb8\n process_one_work+0x128/0x21c\n process_scheduled_works+0x40/0x54\n worker_thread+0x1ec/0x2a8\n kthread+0x138/0x158\n ret_from_fork+0x10/0x20\n\nFix it by making sure there are any bits to mask out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47497",
"url": "https://www.suse.com/security/cve/CVE-2021-47497"
},
{
"category": "external",
"summary": "SUSE Bug 1225355 for CVE-2021-47497",
"url": "https://bugzilla.suse.com/1225355"
},
{
"category": "external",
"summary": "SUSE Bug 1227655 for CVE-2021-47497",
"url": "https://bugzilla.suse.com/1227655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47497"
},
{
"cve": "CVE-2021-47500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47500",
"url": "https://www.suse.com/security/cve/CVE-2021-47500"
},
{
"category": "external",
"summary": "SUSE Bug 1225360 for CVE-2021-47500",
"url": "https://bugzilla.suse.com/1225360"
},
{
"category": "external",
"summary": "SUSE Bug 1227698 for CVE-2021-47500",
"url": "https://bugzilla.suse.com/1227698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47500"
},
{
"cve": "CVE-2021-47506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix use-after-free due to delegation race\n\nA delegation break could arrive as soon as we\u0027ve called vfs_setlease. A\ndelegation break runs a callback which immediately (in\nnfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we\nthen exit nfs4_set_delegation without hashing the delegation, it will be\nfreed as soon as the callback is done with it, without ever being\nremoved from del_recall_lru.\n\nSymptoms show up later as use-after-free or list corruption warnings,\nusually in the laundromat thread.\n\nI suspect aba2072f4523 \"nfsd: grant read delegations to clients holding\nwrites\" made this bug easier to hit, but I looked as far back as v3.0\nand it looks to me it already had the same problem. So I\u0027m not sure\nwhere the bug was introduced; it may have been there from the beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47506",
"url": "https://www.suse.com/security/cve/CVE-2021-47506"
},
{
"category": "external",
"summary": "SUSE Bug 1225404 for CVE-2021-47506",
"url": "https://bugzilla.suse.com/1225404"
},
{
"category": "external",
"summary": "SUSE Bug 1227497 for CVE-2021-47506",
"url": "https://bugzilla.suse.com/1227497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47506"
},
{
"cve": "CVE-2021-47509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Limit the period size to 16MB\n\nSet the practical limit to the period size (the fragment shift in OSS)\ninstead of a full 31bit; a too large value could lead to the exhaust\nof memory as we allocate temporary buffers of the period size, too.\n\nAs of this patch, we set to 16MB limit, which should cover all use\ncases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47509",
"url": "https://www.suse.com/security/cve/CVE-2021-47509"
},
{
"category": "external",
"summary": "SUSE Bug 1225409 for CVE-2021-47509",
"url": "https://bugzilla.suse.com/1225409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47509"
},
{
"cve": "CVE-2021-47511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix negative period/buffer sizes\n\nThe period size calculation in OSS layer may receive a negative value\nas an error, but the code there assumes only the positive values and\nhandle them with size_t. Due to that, a too big value may be passed\nto the lower layers.\n\nThis patch changes the code to handle with ssize_t and adds the proper\nerror checks appropriately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47511",
"url": "https://www.suse.com/security/cve/CVE-2021-47511"
},
{
"category": "external",
"summary": "SUSE Bug 1225411 for CVE-2021-47511",
"url": "https://bugzilla.suse.com/1225411"
},
{
"category": "external",
"summary": "SUSE Bug 1227700 for CVE-2021-47511",
"url": "https://bugzilla.suse.com/1227700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47511"
},
{
"cve": "CVE-2021-47523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47523"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr\n\nThis buffer is currently allocated in hfi1_init():\n\n\tif (reinit)\n\t\tret = init_after_reset(dd);\n\telse\n\t\tret = loadtime_init(dd);\n\tif (ret)\n\t\tgoto done;\n\n\t/* allocate dummy tail memory for all receive contexts */\n\tdd-\u003ercvhdrtail_dummy_kvaddr = dma_alloc_coherent(\u0026dd-\u003epcidev-\u003edev,\n\t\t\t\t\t\t\t sizeof(u64),\n\t\t\t\t\t\t\t \u0026dd-\u003ercvhdrtail_dummy_dma,\n\t\t\t\t\t\t\t GFP_KERNEL);\n\n\tif (!dd-\u003ercvhdrtail_dummy_kvaddr) {\n\t\tdd_dev_err(dd, \"cannot allocate dummy tail memory\\n\");\n\t\tret = -ENOMEM;\n\t\tgoto done;\n\t}\n\nThe reinit triggered path will overwrite the old allocation and leak it.\n\nFix by moving the allocation to hfi1_alloc_devdata() and the deallocation\nto hfi1_free_devdata().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47523",
"url": "https://www.suse.com/security/cve/CVE-2021-47523"
},
{
"category": "external",
"summary": "SUSE Bug 1225438 for CVE-2021-47523",
"url": "https://bugzilla.suse.com/1225438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47523"
},
{
"cve": "CVE-2021-47541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()\n\nIn mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and\ntmp-\u003etx_cq will be freed on the error path of mlx4_en_copy_priv().\nAfter that mlx4_en_alloc_resources() is called and there is a dereference\nof \u0026tmp-\u003etx_cq[t][i] in mlx4_en_alloc_resources(), which could lead to\na use after free problem on failure of mlx4_en_copy_priv().\n\nFix this bug by adding a check of mlx4_en_copy_priv()\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_MLX4_EN=m show no new warnings,\nand our static analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47541",
"url": "https://www.suse.com/security/cve/CVE-2021-47541"
},
{
"category": "external",
"summary": "SUSE Bug 1225453 for CVE-2021-47541",
"url": "https://bugzilla.suse.com/1225453"
},
{
"category": "external",
"summary": "SUSE Bug 1225454 for CVE-2021-47541",
"url": "https://bugzilla.suse.com/1225454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2021-47541"
},
{
"cve": "CVE-2021-47548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()\n\nThe if statement:\n if (port \u003e= DSAF_GE_NUM)\n return;\n\nlimits the value of port less than DSAF_GE_NUM (i.e., 8).\nHowever, if the value of port is 6 or 7, an array overflow could occur:\n port_rst_off = dsaf_dev-\u003emac_cb[port]-\u003eport_rst_off;\n\nbecause the length of dsaf_dev-\u003emac_cb is DSAF_MAX_PORT_NUM (i.e., 6).\n\nTo fix this possible array overflow, we first check port and if it is\ngreater than or equal to DSAF_MAX_PORT_NUM, the function returns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47548",
"url": "https://www.suse.com/security/cve/CVE-2021-47548"
},
{
"category": "external",
"summary": "SUSE Bug 1225506 for CVE-2021-47548",
"url": "https://bugzilla.suse.com/1225506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47548"
},
{
"cve": "CVE-2021-47565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix kernel panic during drive powercycle test\n\nWhile looping over shost\u0027s sdev list it is possible that one\nof the drives is getting removed and its sas_target object is\nfreed but its sdev object remains intact.\n\nConsequently, a kernel panic can occur while the driver is trying to access\nthe sas_address field of sas_target object without also checking the\nsas_target object for NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47565",
"url": "https://www.suse.com/security/cve/CVE-2021-47565"
},
{
"category": "external",
"summary": "SUSE Bug 1225384 for CVE-2021-47565",
"url": "https://bugzilla.suse.com/1225384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-47565"
},
{
"cve": "CVE-2022-48636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu-\u003elock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu-\u003elock held.\n\nFix by checking the pavgroup pointer with lcu-\u003elock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48636",
"url": "https://www.suse.com/security/cve/CVE-2022-48636"
},
{
"category": "external",
"summary": "SUSE Bug 1223512 for CVE-2022-48636",
"url": "https://bugzilla.suse.com/1223512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48636"
},
{
"cve": "CVE-2022-48650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()\n\nCommit 8f394da36a36 (\"scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG\")\nmade the __qlt_24xx_handle_abts() function return early if\ntcm_qla2xxx_find_cmd_by_tag() didn\u0027t find a command, but it missed to clean\nup the allocated memory for the management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48650",
"url": "https://www.suse.com/security/cve/CVE-2022-48650"
},
{
"category": "external",
"summary": "SUSE Bug 1223509 for CVE-2022-48650",
"url": "https://bugzilla.suse.com/1223509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48650"
},
{
"cve": "CVE-2022-48672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: fdt: fix off-by-one error in unflatten_dt_nodes()\n\nCommit 78c44d910d3e (\"drivers/of: Fix depth when unflattening devicetree\")\nforgot to fix up the depth check in the loop body in unflatten_dt_nodes()\nwhich makes it possible to overflow the nps[] buffer...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48672",
"url": "https://www.suse.com/security/cve/CVE-2022-48672"
},
{
"category": "external",
"summary": "SUSE Bug 1223931 for CVE-2022-48672",
"url": "https://bugzilla.suse.com/1223931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48672"
},
{
"cve": "CVE-2022-48686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix UAF when detecting digest errors\n\nWe should also bail from the io_work loop when we set rd_enabled to true,\nso we don\u0027t attempt to read data from the socket when the TCP stream is\nalready out-of-sync or corrupted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48686",
"url": "https://www.suse.com/security/cve/CVE-2022-48686"
},
{
"category": "external",
"summary": "SUSE Bug 1223948 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "external",
"summary": "SUSE Bug 1226337 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1226337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2022-48686"
},
{
"cve": "CVE-2022-48697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a use-after-free\n\nFix the following use-after-free complaint triggered by blktests nvme/004:\n\nBUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350\nRead of size 4 at addr 0000607bd1835943 by task kworker/13:1/460\nWorkqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\nCall Trace:\n show_stack+0x52/0x58\n dump_stack_lvl+0x49/0x5e\n print_report.cold+0x36/0x1e2\n kasan_report+0xb9/0xf0\n __asan_load4+0x6b/0x80\n blk_mq_complete_request_remote+0xac/0x350\n nvme_loop_queue_response+0x1df/0x275 [nvme_loop]\n __nvmet_req_complete+0x132/0x4f0 [nvmet]\n nvmet_req_complete+0x15/0x40 [nvmet]\n nvmet_execute_io_connect+0x18a/0x1f0 [nvmet]\n nvme_loop_execute_work+0x20/0x30 [nvme_loop]\n process_one_work+0x56e/0xa70\n worker_thread+0x2d1/0x640\n kthread+0x183/0x1c0\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48697",
"url": "https://www.suse.com/security/cve/CVE-2022-48697"
},
{
"category": "external",
"summary": "SUSE Bug 1223922 for CVE-2022-48697",
"url": "https://bugzilla.suse.com/1223922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48697"
},
{
"cve": "CVE-2022-48702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()\n\nThe voice allocator sometimes begins allocating from near the end of the\narray and then wraps around, however snd_emu10k1_pcm_channel_alloc()\naccesses the newly allocated voices as if it never wrapped around.\n\nThis results in out of bounds access if the first voice has a high enough\nindex so that first_voice + requested_voice_count \u003e NUM_G (64).\nThe more voices are requested, the more likely it is for this to occur.\n\nThis was initially discovered using PipeWire, however it can be reproduced\nby calling aplay multiple times with 16 channels:\naplay -r 48000 -D plughw:CARD=Live,DEV=3 -c 16 /dev/zero\n\nUBSAN: array-index-out-of-bounds in sound/pci/emu10k1/emupcm.c:127:40\nindex 65 is out of range for type \u0027snd_emu10k1_voice [64]\u0027\nCPU: 1 PID: 31977 Comm: aplay Tainted: G W IOE 6.0.0-rc2-emu10k1+ #7\nHardware name: ASUSTEK COMPUTER INC P5W DH Deluxe/P5W DH Deluxe, BIOS 3002 07/22/2010\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x49/0x63\ndump_stack+0x10/0x16\nubsan_epilogue+0x9/0x3f\n__ubsan_handle_out_of_bounds.cold+0x44/0x49\nsnd_emu10k1_playback_hw_params+0x3bc/0x420 [snd_emu10k1]\nsnd_pcm_hw_params+0x29f/0x600 [snd_pcm]\nsnd_pcm_common_ioctl+0x188/0x1410 [snd_pcm]\n? exit_to_user_mode_prepare+0x35/0x170\n? do_syscall_64+0x69/0x90\n? syscall_exit_to_user_mode+0x26/0x50\n? do_syscall_64+0x69/0x90\n? exit_to_user_mode_prepare+0x35/0x170\nsnd_pcm_ioctl+0x27/0x40 [snd_pcm]\n__x64_sys_ioctl+0x95/0xd0\ndo_syscall_64+0x5c/0x90\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48702",
"url": "https://www.suse.com/security/cve/CVE-2022-48702"
},
{
"category": "external",
"summary": "SUSE Bug 1223923 for CVE-2022-48702",
"url": "https://bugzilla.suse.com/1223923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48702"
},
{
"cve": "CVE-2022-48704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: add a force flush to delay work when radeon\n\nAlthough radeon card fence and wait for gpu to finish processing current batch rings,\nthere is still a corner case that radeon lockup work queue may not be fully flushed,\nand meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to\nput device in D3hot state.\nPer PCI spec rev 4.0 on 5.3.1.4.1 D3hot State.\n\u003e Configuration and Message requests are the only TLPs accepted by a Function in\n\u003e the D3hot state. All other received Requests must be handled as Unsupported Requests,\n\u003e and all received Completions may optionally be handled as Unexpected Completions.\nThis issue will happen in following logs:\nUnable to handle kernel paging request at virtual address 00008800e0008010\nCPU 0 kworker/0:3(131): Oops 0\npc = [\u003cffffffff811bea5c\u003e] ra = [\u003cffffffff81240844\u003e] ps = 0000 Tainted: G W\npc is at si_gpu_check_soft_reset+0x3c/0x240\nra is at si_dma_is_lockup+0x34/0xd0\nv0 = 0000000000000000 t0 = fff08800e0008010 t1 = 0000000000010000\nt2 = 0000000000008010 t3 = fff00007e3c00000 t4 = fff00007e3c00258\nt5 = 000000000000ffff t6 = 0000000000000001 t7 = fff00007ef078000\ns0 = fff00007e3c016e8 s1 = fff00007e3c00000 s2 = fff00007e3c00018\ns3 = fff00007e3c00000 s4 = fff00007fff59d80 s5 = 0000000000000000\ns6 = fff00007ef07bd98\na0 = fff00007e3c00000 a1 = fff00007e3c016e8 a2 = 0000000000000008\na3 = 0000000000000001 a4 = 8f5c28f5c28f5c29 a5 = ffffffff810f4338\nt8 = 0000000000000275 t9 = ffffffff809b66f8 t10 = ff6769c5d964b800\nt11= 000000000000b886 pv = ffffffff811bea20 at = 0000000000000000\ngp = ffffffff81d89690 sp = 00000000aa814126\nDisabling lock debugging due to kernel taint\nTrace:\n[\u003cffffffff81240844\u003e] si_dma_is_lockup+0x34/0xd0\n[\u003cffffffff81119610\u003e] radeon_fence_check_lockup+0xd0/0x290\n[\u003cffffffff80977010\u003e] process_one_work+0x280/0x550\n[\u003cffffffff80977350\u003e] worker_thread+0x70/0x7c0\n[\u003cffffffff80977410\u003e] worker_thread+0x130/0x7c0\n[\u003cffffffff80982040\u003e] kthread+0x200/0x210\n[\u003cffffffff809772e0\u003e] worker_thread+0x0/0x7c0\n[\u003cffffffff80981f8c\u003e] kthread+0x14c/0x210\n[\u003cffffffff80911658\u003e] ret_from_kernel_thread+0x18/0x20\n[\u003cffffffff80981e40\u003e] kthread+0x0/0x210\n Code: ad3e0008 43f0074a ad7e0018 ad9e0020 8c3001e8 40230101\n \u003c88210000\u003e 4821ed21\nSo force lockup work queue flush to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48704",
"url": "https://www.suse.com/security/cve/CVE-2022-48704"
},
{
"category": "external",
"summary": "SUSE Bug 1223932 for CVE-2022-48704",
"url": "https://bugzilla.suse.com/1223932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48704"
},
{
"cve": "CVE-2022-48708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference\n\nAdded checking of pointer \"function\" in pcs_set_mux().\npinmux_generic_get_function() can return NULL and the pointer\n\"function\" was dereferenced without checking against NULL.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48708",
"url": "https://www.suse.com/security/cve/CVE-2022-48708"
},
{
"category": "external",
"summary": "SUSE Bug 1224942 for CVE-2022-48708",
"url": "https://bugzilla.suse.com/1224942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48708"
},
{
"cve": "CVE-2022-48710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix a possible null pointer dereference\n\nIn radeon_fp_native_mode(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.\n\nThe failure status of drm_cvt_mode() on the other path is checked too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48710",
"url": "https://www.suse.com/security/cve/CVE-2022-48710"
},
{
"category": "external",
"summary": "SUSE Bug 1225230 for CVE-2022-48710",
"url": "https://bugzilla.suse.com/1225230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48710"
},
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-1829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1829"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1829",
"url": "https://www.suse.com/security/cve/CVE-2023-1829"
},
{
"category": "external",
"summary": "SUSE Bug 1210335 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "external",
"summary": "SUSE Bug 1210619 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1220886 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1220886"
},
{
"category": "external",
"summary": "SUSE Bug 1228311 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1228311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2023-1829"
},
{
"cve": "CVE-2023-42755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-42755"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-42755",
"url": "https://www.suse.com/security/cve/CVE-2023-42755"
},
{
"category": "external",
"summary": "SUSE Bug 1215702 for CVE-2023-42755",
"url": "https://bugzilla.suse.com/1215702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-42755"
},
{
"cve": "CVE-2023-47233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47233"
}
],
"notes": [
{
"category": "general",
"text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47233",
"url": "https://www.suse.com/security/cve/CVE-2023-47233"
},
{
"category": "external",
"summary": "SUSE Bug 1216702 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-52527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()\n\nIncluding the transhdrlen in length is a problem when the packet is\npartially filled (e.g. something like send(MSG_MORE) happened previously)\nwhen appending to an IPv4 or IPv6 packet as we don\u0027t want to repeat the\ntransport header or account for it twice. This can happen under some\ncircumstances, such as splicing into an L2TP socket.\n\nThe symptom observed is a warning in __ip6_append_data():\n\n WARNING: CPU: 1 PID: 5042 at net/ipv6/ip6_output.c:1800 __ip6_append_data.isra.0+0x1be8/0x47f0 net/ipv6/ip6_output.c:1800\n\nthat occurs when MSG_SPLICE_PAGES is used to append more data to an already\npartially occupied skbuff. The warning occurs when \u0027copy\u0027 is larger than\nthe amount of data in the message iterator. This is because the requested\nlength includes the transport header length when it shouldn\u0027t. This can be\ntriggered by, for example:\n\n sfd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_L2TP);\n bind(sfd, ...); // ::1\n connect(sfd, ...); // ::1 port 7\n send(sfd, buffer, 4100, MSG_MORE);\n sendfile(sfd, dfd, NULL, 1024);\n\nFix this by only adding transhdrlen into the length if the write queue is\nempty in l2tp_ip6_sendmsg(), analogously to how UDP does things.\n\nl2tp_ip_sendmsg() looks like it won\u0027t suffer from this problem as it builds\nthe UDP packet itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52527",
"url": "https://www.suse.com/security/cve/CVE-2023-52527"
},
{
"category": "external",
"summary": "SUSE Bug 1220928 for CVE-2023-52527",
"url": "https://bugzilla.suse.com/1220928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52527"
},
{
"cve": "CVE-2023-52586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52586"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add mutex lock in control vblank irq\n\nAdd a mutex lock to control vblank irq to synchronize vblank\nenable/disable operations happening from different threads to prevent\nrace conditions while registering/unregistering the vblank irq callback.\n\nv4: -Removed vblank_ctl_lock from dpu_encoder_virt, so it is only a\n parameter of dpu_encoder_phys.\n -Switch from atomic refcnt to a simple int counter as mutex has\n now been added\nv3: Mistakenly did not change wording in last version. It is done now.\nv2: Slightly changed wording of commit message\n\nPatchwork: https://patchwork.freedesktop.org/patch/571854/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52586",
"url": "https://www.suse.com/security/cve/CVE-2023-52586"
},
{
"category": "external",
"summary": "SUSE Bug 1221081 for CVE-2023-52586",
"url": "https://bugzilla.suse.com/1221081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52586"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix mremap after fork null-deref\n\nCommit e4a0d3e720e7 (\"aio: Make it possible to remap aio ring\") introduced\na null-deref if mremap is called on an old aio mapping after fork as\nmm-\u003eioctx_table will be set to NULL.\n\n[jmoyer@redhat.com: fix 80 column issue]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52646",
"url": "https://www.suse.com/security/cve/CVE-2023-52646"
},
{
"category": "external",
"summary": "SUSE Bug 1223432 for CVE-2023-52646",
"url": "https://bugzilla.suse.com/1223432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-52655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: aqc111: check packet for fixup for true limit\n\nIf a device sends a packet that is inbetween 0\nand sizeof(u64) the value passed to skb_trim()\nas length will wrap around ending up as some very\nlarge value.\n\nThe driver will then proceed to parse the header\nlocated at that position, which will either oops or\nprocess some random value.\n\nThe fix is to check against sizeof(u64) rather than\n0, which the driver currently does. The issue exists\nsince the introduction of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52655",
"url": "https://www.suse.com/security/cve/CVE-2023-52655"
},
{
"category": "external",
"summary": "SUSE Bug 1217169 for CVE-2023-52655",
"url": "https://bugzilla.suse.com/1217169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: eliminate double free in error handling logic\n\nDriver has a logic leak in ring data allocation/free,\nwhere aq_ring_free could be called multiple times on same ring,\nif system is under stress and got memory allocation error.\n\nRing pointer was used as an indicator of failure, but this is\nnot correct since only ring data is allocated/deallocated.\nRing itself is an array member.\n\nChanging ring allocation functions to return error code directly.\nThis simplifies error handling and eliminates aq_ring_free\non higher layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52664",
"url": "https://www.suse.com/security/cve/CVE-2023-52664"
},
{
"category": "external",
"summary": "SUSE Bug 1224747 for CVE-2023-52664",
"url": "https://bugzilla.suse.com/1224747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52664"
},
{
"cve": "CVE-2023-52685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52685"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52685",
"url": "https://www.suse.com/security/cve/CVE-2023-52685"
},
{
"category": "external",
"summary": "SUSE Bug 1224728 for CVE-2023-52685",
"url": "https://bugzilla.suse.com/1224728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52685"
},
{
"cve": "CVE-2023-52686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_event_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52686",
"url": "https://www.suse.com/security/cve/CVE-2023-52686"
},
{
"category": "external",
"summary": "SUSE Bug 1224682 for CVE-2023-52686",
"url": "https://bugzilla.suse.com/1224682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev-\u003epm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52691",
"url": "https://www.suse.com/security/cve/CVE-2023-52691"
},
{
"category": "external",
"summary": "SUSE Bug 1224607 for CVE-2023-52691",
"url": "https://bugzilla.suse.com/1224607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52691"
},
{
"cve": "CVE-2023-52696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_powercap_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52696",
"url": "https://www.suse.com/security/cve/CVE-2023-52696"
},
{
"category": "external",
"summary": "SUSE Bug 1224601 for CVE-2023-52696",
"url": "https://bugzilla.suse.com/1224601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52696"
},
{
"cve": "CVE-2023-52698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: fix memory leak in netlbl_calipso_add_pass()\n\nIf IPv6 support is disabled at boot (ipv6.disable=1),\nthe calipso_init() -\u003e netlbl_calipso_ops_register() function isn\u0027t called,\nand the netlbl_calipso_ops_get() function always returns NULL.\nIn this case, the netlbl_calipso_add_pass() function allocates memory\nfor the doi_def variable but doesn\u0027t free it with the calipso_doi_free().\n\nBUG: memory leak\nunreferenced object 0xffff888011d68180 (size 64):\n comm \"syz-executor.1\", pid 10746, jiffies 4295410986 (age 17.928s)\n hex dump (first 32 bytes):\n 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c...\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c...\u003e] netlbl_calipso_add_pass net/netlabel/netlabel_calipso.c:76 [inline]\n [\u003c...\u003e] netlbl_calipso_add+0x22e/0x4f0 net/netlabel/netlabel_calipso.c:111\n [\u003c...\u003e] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n [\u003c...\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [\u003c...\u003e] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n [\u003c...\u003e] netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2515\n [\u003c...\u003e] genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n [\u003c...\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [\u003c...\u003e] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1339\n [\u003c...\u003e] netlink_sendmsg+0x90a/0xdf0 net/netlink/af_netlink.c:1934\n [\u003c...\u003e] sock_sendmsg_nosec net/socket.c:651 [inline]\n [\u003c...\u003e] sock_sendmsg+0x157/0x190 net/socket.c:671\n [\u003c...\u003e] ____sys_sendmsg+0x712/0x870 net/socket.c:2342\n [\u003c...\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2396\n [\u003c...\u003e] __sys_sendmsg+0xea/0x1b0 net/socket.c:2429\n [\u003c...\u003e] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [\u003c...\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller\n\n[PM: merged via the LSM tree at Jakub Kicinski request]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52698",
"url": "https://www.suse.com/security/cve/CVE-2023-52698"
},
{
"category": "external",
"summary": "SUSE Bug 1224621 for CVE-2023-52698",
"url": "https://bugzilla.suse.com/1224621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52698"
},
{
"cve": "CVE-2023-52703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/usb: kalmia: Don\u0027t pass act_len in usb_bulk_msg error path\n\nsyzbot reported that act_len in kalmia_send_init_packet() is\nuninitialized when passing it to the first usb_bulk_msg error path. Jiri\nPirko noted that it\u0027s pointless to pass it in the error path, and that\nthe value that would be printed in the second error path would be the\nvalue of act_len from the first call to usb_bulk_msg.[1]\n\nWith this in mind, let\u0027s just not pass act_len to the usb_bulk_msg error\npaths.\n\n1: https://lore.kernel.org/lkml/Y9pY61y1nwTuzMOa@nanopsycho/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52703",
"url": "https://www.suse.com/security/cve/CVE-2023-52703"
},
{
"category": "external",
"summary": "SUSE Bug 1225549 for CVE-2023-52703",
"url": "https://bugzilla.suse.com/1225549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2023-52703"
},
{
"cve": "CVE-2023-52730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won\u0027t call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of \u0027card-\u003edev\u0027 is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c000000002f839ccb\u003e] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [\u003c0000000004adcbf6\u003e] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [\u003c000000007538fea0\u003e] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c00000000fcbe706c\u003e] sdio_alloc_func+0x35/0x100 [mmc_core]\n [\u003c00000000c68f4b50\u003e] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52730",
"url": "https://www.suse.com/security/cve/CVE-2023-52730"
},
{
"category": "external",
"summary": "SUSE Bug 1224956 for CVE-2023-52730",
"url": "https://bugzilla.suse.com/1224956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52730"
},
{
"cve": "CVE-2023-52732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: blocklist the kclient when receiving corrupted snap trace\n\nWhen received corrupted snap trace we don\u0027t know what exactly has\nhappened in MDS side. And we shouldn\u0027t continue IOs and metadatas\naccess to MDS, which may corrupt or get incorrect contents.\n\nThis patch will just block all the further IO/MDS requests\nimmediately and then evict the kclient itself.\n\nThe reason why we still need to evict the kclient just after\nblocking all the further IOs is that the MDS could revoke the caps\nfaster.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52732",
"url": "https://www.suse.com/security/cve/CVE-2023-52732"
},
{
"category": "external",
"summary": "SUSE Bug 1225222 for CVE-2023-52732",
"url": "https://bugzilla.suse.com/1225222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52732"
},
{
"cve": "CVE-2023-52741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix use-after-free in rdata-\u003eread_into_pages()\n\nWhen the network status is unstable, use-after-free may occur when\nread data from the server.\n\n BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7e0\n\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x38/0x4c\n print_report+0x16f/0x4a6\n kasan_report+0xb7/0x130\n readpages_fill_pages+0x14c/0x7e0\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n \u003c/TASK\u003e\n\n Allocated by task 2535:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n __kasan_kmalloc+0x82/0x90\n cifs_readdata_direct_alloc+0x2c/0x110\n cifs_readdata_alloc+0x2d/0x60\n cifs_readahead+0x393/0xfe0\n read_pages+0x12f/0x470\n page_cache_ra_unbounded+0x1b1/0x240\n filemap_get_pages+0x1c8/0x9a0\n filemap_read+0x1c0/0x540\n cifs_strict_readv+0x21b/0x240\n vfs_read+0x395/0x4b0\n ksys_read+0xb8/0x150\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\n Freed by task 79:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n kasan_save_free_info+0x2e/0x50\n __kasan_slab_free+0x10e/0x1a0\n __kmem_cache_free+0x7a/0x1a0\n cifs_readdata_release+0x49/0x60\n process_one_work+0x46c/0x760\n worker_thread+0x2a4/0x6f0\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\n Last potentially related work creation:\n kasan_save_stack+0x22/0x50\n __kasan_record_aux_stack+0x95/0xb0\n insert_work+0x2b/0x130\n __queue_work+0x1fe/0x660\n queue_work_on+0x4b/0x60\n smb2_readv_callback+0x396/0x800\n cifs_abort_connection+0x474/0x6a0\n cifs_reconnect+0x5cb/0xa50\n cifs_readv_from_socket.cold+0x22/0x6c\n cifs_read_page_from_socket+0xc1/0x100\n readpages_fill_pages.cold+0x2f/0x46\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\nThe following function calls will cause UAF of the rdata pointer.\n\nreadpages_fill_pages\n cifs_read_page_from_socket\n cifs_readv_from_socket\n cifs_reconnect\n __cifs_reconnect\n cifs_abort_connection\n mid-\u003ecallback() --\u003e smb2_readv_callback\n queue_work(\u0026rdata-\u003ework) # if the worker completes first,\n # the rdata is freed\n cifs_readv_complete\n kref_put\n cifs_readdata_release\n kfree(rdata)\n return rdata-\u003e... # UAF in readpages_fill_pages()\n\nSimilarly, this problem also occurs in the uncache_fill_pages().\n\nFix this by adjusts the order of condition judgment in the return\nstatement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52741",
"url": "https://www.suse.com/security/cve/CVE-2023-52741"
},
{
"category": "external",
"summary": "SUSE Bug 1225479 for CVE-2023-52741",
"url": "https://bugzilla.suse.com/1225479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52741"
},
{
"cve": "CVE-2023-52742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: USB: Fix wrong-direction WARNING in plusb.c\n\nThe syzbot fuzzer detected a bug in the plusb network driver: A\nzero-length control-OUT transfer was treated as a read instead of a\nwrite. In modern kernels this error provokes a WARNING:\n\nusb 1-1: BOGUS control dir, pipe 80000280 doesn\u0027t match bRequestType c0\nWARNING: CPU: 0 PID: 4645 at drivers/usb/core/urb.c:411\nusb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\nModules linked in:\nCPU: 1 PID: 4645 Comm: dhcpcd Not tainted\n6.2.0-rc6-syzkaller-00050-g9f266ccaa2f5 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google\n01/12/2023\nRIP: 0010:usb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x101/0x4b0 drivers/usb/core/message.c:58\n usb_internal_control_msg drivers/usb/core/message.c:102 [inline]\n usb_control_msg+0x320/0x4a0 drivers/usb/core/message.c:153\n __usbnet_read_cmd+0xb9/0x390 drivers/net/usb/usbnet.c:2010\n usbnet_read_cmd+0x96/0xf0 drivers/net/usb/usbnet.c:2068\n pl_vendor_req drivers/net/usb/plusb.c:60 [inline]\n pl_set_QuickLink_features drivers/net/usb/plusb.c:75 [inline]\n pl_reset+0x2f/0xf0 drivers/net/usb/plusb.c:85\n usbnet_open+0xcc/0x5d0 drivers/net/usb/usbnet.c:889\n __dev_open+0x297/0x4d0 net/core/dev.c:1417\n __dev_change_flags+0x587/0x750 net/core/dev.c:8530\n dev_change_flags+0x97/0x170 net/core/dev.c:8602\n devinet_ioctl+0x15a2/0x1d70 net/ipv4/devinet.c:1147\n inet_ioctl+0x33f/0x380 net/ipv4/af_inet.c:979\n sock_do_ioctl+0xcc/0x230 net/socket.c:1169\n sock_ioctl+0x1f8/0x680 net/socket.c:1286\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe fix is to call usbnet_write_cmd() instead of usbnet_read_cmd() and\nremove the USB_DIR_IN flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52742",
"url": "https://www.suse.com/security/cve/CVE-2023-52742"
},
{
"category": "external",
"summary": "SUSE Bug 1225482 for CVE-2023-52742",
"url": "https://bugzilla.suse.com/1225482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52742"
},
{
"cve": "CVE-2023-52747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Restore allocated resources on failed copyout\n\nFix a resource leak if an error occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52747",
"url": "https://www.suse.com/security/cve/CVE-2023-52747"
},
{
"category": "external",
"summary": "SUSE Bug 1224931 for CVE-2023-52747",
"url": "https://bugzilla.suse.com/1224931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52747"
},
{
"cve": "CVE-2023-52759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52759"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52759",
"url": "https://www.suse.com/security/cve/CVE-2023-52759"
},
{
"category": "external",
"summary": "SUSE Bug 1225560 for CVE-2023-52759",
"url": "https://bugzilla.suse.com/1225560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52759"
},
{
"cve": "CVE-2023-52774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52774"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52774",
"url": "https://www.suse.com/security/cve/CVE-2023-52774"
},
{
"category": "external",
"summary": "SUSE Bug 1225572 for CVE-2023-52774",
"url": "https://bugzilla.suse.com/1225572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction \u0027usb_get_bos_descriptor()\u0027 encounters an iteration issue when\nskipping the \u0027USB_DT_DEVICE_CAPABILITY\u0027 descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a \u0027goto\u0027 statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52781",
"url": "https://www.suse.com/security/cve/CVE-2023-52781"
},
{
"category": "external",
"summary": "SUSE Bug 1225092 for CVE-2023-52781",
"url": "https://bugzilla.suse.com/1225092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52781"
},
{
"cve": "CVE-2023-52796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 \u003c41\u003e 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003c#DF\u003e\n\u003c/#DF\u003e\n\u003cTASK\u003e\n[\u003cffffffff81f281d1\u003e] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[\u003cffffffff817e5bf2\u003e] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[\u003cffffffff817e5bf2\u003e] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[\u003cffffffff817e5bf2\u003e] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[\u003cffffffff817e5bf2\u003e] cpu_online include/linux/cpumask.h:1092 [inline]\n[\u003cffffffff817e5bf2\u003e] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[\u003cffffffff817e5bf2\u003e] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[\u003cffffffff8563221e\u003e] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[\u003cffffffff8561464d\u003e] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[\u003cffffffff8561464d\u003e] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[\u003cffffffff85618120\u003e] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[\u003cffffffff856f65b5\u003e] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[\u003cffffffff856f65b5\u003e] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[\u003cffffffff85618009\u003e] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[\u003cffffffff8561821a\u003e] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[\u003cffffffff838bd5a3\u003e] ip6_route_output include/net/ip6_route.h:100 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[\u003cffffffff838c2909\u003e] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[\u003cffffffff84d03900\u003e] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[\u003cffffffff84d03900\u003e] xmit_one net/core/dev.c:3644 [inline]\n[\u003cffffffff84d03900\u003e] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[\u003cffffffff84d080e2\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff855ce4cd\u003e] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[\u003cffffffff855ce4cd\u003e] neigh_hh_output include/net/neighbour.h:529 [inline]\n[\u003cf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52796",
"url": "https://www.suse.com/security/cve/CVE-2023-52796"
},
{
"category": "external",
"summary": "SUSE Bug 1224930 for CVE-2023-52796",
"url": "https://bugzilla.suse.com/1224930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52796"
},
{
"cve": "CVE-2023-52803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[ 250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[ 250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[ 250.500549] Workqueue: events rpc_free_client_work\n[ 250.501001] Call Trace:\n[ 250.502880] kasan_report+0xb6/0xf0\n[ 250.503209] ? dget_parent+0x195/0x200\n[ 250.503561] dget_parent+0x195/0x200\n[ 250.503897] ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[ 250.504384] rpc_rmdir_depopulate+0x1b/0x90\n[ 250.504781] rpc_remove_client_dir+0xf5/0x150\n[ 250.505195] rpc_free_client_work+0xe4/0x230\n[ 250.505598] process_one_work+0x8ee/0x13b0\n...\n[ 22.039056] Allocated by task 244:\n[ 22.039390] kasan_save_stack+0x22/0x50\n[ 22.039758] kasan_set_track+0x25/0x30\n[ 22.040109] __kasan_slab_alloc+0x59/0x70\n[ 22.040487] kmem_cache_alloc_lru+0xf0/0x240\n[ 22.040889] __d_alloc+0x31/0x8e0\n[ 22.041207] d_alloc+0x44/0x1f0\n[ 22.041514] __rpc_lookup_create_exclusive+0x11c/0x140\n[ 22.041987] rpc_mkdir_populate.constprop.0+0x5f/0x110\n[ 22.042459] rpc_create_client_dir+0x34/0x150\n[ 22.042874] rpc_setup_pipedir_sb+0x102/0x1c0\n[ 22.043284] rpc_client_register+0x136/0x4e0\n[ 22.043689] rpc_new_client+0x911/0x1020\n[ 22.044057] rpc_create_xprt+0xcb/0x370\n[ 22.044417] rpc_create+0x36b/0x6c0\n...\n[ 22.049524] Freed by task 0:\n[ 22.049803] kasan_save_stack+0x22/0x50\n[ 22.050165] kasan_set_track+0x25/0x30\n[ 22.050520] kasan_save_free_info+0x2b/0x50\n[ 22.050921] __kasan_slab_free+0x10e/0x1a0\n[ 22.051306] kmem_cache_free+0xa5/0x390\n[ 22.051667] rcu_core+0x62c/0x1930\n[ 22.051995] __do_softirq+0x165/0x52a\n[ 22.052347]\n[ 22.052503] Last potentially related work creation:\n[ 22.052952] kasan_save_stack+0x22/0x50\n[ 22.053313] __kasan_record_aux_stack+0x8e/0xa0\n[ 22.053739] __call_rcu_common.constprop.0+0x6b/0x8b0\n[ 22.054209] dentry_free+0xb2/0x140\n[ 22.054540] __dentry_kill+0x3be/0x540\n[ 22.054900] shrink_dentry_list+0x199/0x510\n[ 22.055293] shrink_dcache_parent+0x190/0x240\n[ 22.055703] do_one_tree+0x11/0x40\n[ 22.056028] shrink_dcache_for_umount+0x61/0x140\n[ 22.056461] generic_shutdown_super+0x70/0x590\n[ 22.056879] kill_anon_super+0x3a/0x60\n[ 22.057234] rpc_kill_sb+0x121/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52803",
"url": "https://www.suse.com/security/cve/CVE-2023-52803"
},
{
"category": "external",
"summary": "SUSE Bug 1225008 for CVE-2023-52803",
"url": "https://bugzilla.suse.com/1225008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52803"
},
{
"cve": "CVE-2023-52821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel: fix a possible null pointer dereference\n\nIn versatile_panel_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52821",
"url": "https://www.suse.com/security/cve/CVE-2023-52821"
},
{
"category": "external",
"summary": "SUSE Bug 1225022 for CVE-2023-52821",
"url": "https://bugzilla.suse.com/1225022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52821"
},
{
"cve": "CVE-2023-52864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp-\u003eprivate_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52864",
"url": "https://www.suse.com/security/cve/CVE-2023-52864"
},
{
"category": "external",
"summary": "SUSE Bug 1225132 for CVE-2023-52864",
"url": "https://bugzilla.suse.com/1225132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52864"
},
{
"cve": "CVE-2023-52865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52865",
"url": "https://www.suse.com/security/cve/CVE-2023-52865"
},
{
"category": "external",
"summary": "SUSE Bug 1225086 for CVE-2023-52865",
"url": "https://bugzilla.suse.com/1225086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52865"
},
{
"cve": "CVE-2023-52867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: possible buffer overflow\n\nBuffer \u0027afmt_status\u0027 of size 6 could overflow, since index \u0027afmt_idx\u0027 is\nchecked after access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52867",
"url": "https://www.suse.com/security/cve/CVE-2023-52867"
},
{
"category": "external",
"summary": "SUSE Bug 1225009 for CVE-2023-52867",
"url": "https://bugzilla.suse.com/1225009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52867"
},
{
"cve": "CVE-2023-52875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52875",
"url": "https://www.suse.com/security/cve/CVE-2023-52875"
},
{
"category": "external",
"summary": "SUSE Bug 1225096 for CVE-2023-52875",
"url": "https://bugzilla.suse.com/1225096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52875"
},
{
"cve": "CVE-2023-52880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc\n\nAny unprivileged user can attach N_GSM0710 ldisc, but it requires\nCAP_NET_ADMIN to create a GSM network anyway.\n\nRequire initial namespace CAP_NET_ADMIN to do that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52880",
"url": "https://www.suse.com/security/cve/CVE-2023-52880"
},
{
"category": "external",
"summary": "SUSE Bug 1222619 for CVE-2023-52880",
"url": "https://bugzilla.suse.com/1222619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2023-52880"
},
{
"cve": "CVE-2024-0639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0639"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u0027s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0639",
"url": "https://www.suse.com/security/cve/CVE-2024-0639"
},
{
"category": "external",
"summary": "SUSE Bug 1218917 for CVE-2024-0639",
"url": "https://bugzilla.suse.com/1218917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-26625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26625"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: call sock_orphan() at release time\n\nsyzbot reported an interesting trace [1] caused by a stale sk-\u003esk_wq\npointer in a closed llc socket.\n\nIn commit ff7b11aa481f (\"net: socket: set sock-\u003esk to NULL after\ncalling proto_ops::release()\") Eric Biggers hinted that some protocols\nare missing a sock_orphan(), we need to perform a full audit.\n\nIn net-next, I plan to clear sock-\u003esk from sock_orphan() and\namend Eric patch to add a warning.\n\n[1]\n BUG: KASAN: slab-use-after-free in list_empty include/linux/list.h:373 [inline]\n BUG: KASAN: slab-use-after-free in waitqueue_active include/linux/wait.h:127 [inline]\n BUG: KASAN: slab-use-after-free in sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n BUG: KASAN: slab-use-after-free in sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\nRead of size 8 at addr ffff88802f4fc880 by task ksoftirqd/1/27\n\nCPU: 1 PID: 27 Comm: ksoftirqd/1 Not tainted 6.8.0-rc1-syzkaller-00049-g6098d87eaf31 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc4/0x620 mm/kasan/report.c:488\n kasan_report+0xda/0x110 mm/kasan/report.c:601\n list_empty include/linux/list.h:373 [inline]\n waitqueue_active include/linux/wait.h:127 [inline]\n sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\n skb_release_head_state+0xa3/0x2b0 net/core/skbuff.c:1080\n skb_release_all net/core/skbuff.c:1092 [inline]\n napi_consume_skb+0x119/0x2b0 net/core/skbuff.c:1404\n e1000_unmap_and_free_tx_resource+0x144/0x200 drivers/net/ethernet/intel/e1000/e1000_main.c:1970\n e1000_clean_tx_irq drivers/net/ethernet/intel/e1000/e1000_main.c:3860 [inline]\n e1000_clean+0x4a1/0x26e0 drivers/net/ethernet/intel/e1000/e1000_main.c:3801\n __napi_poll.constprop.0+0xb4/0x540 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x956/0xe90 net/core/dev.c:6778\n __do_softirq+0x21a/0x8de kernel/softirq.c:553\n run_ksoftirqd kernel/softirq.c:921 [inline]\n run_ksoftirqd+0x31/0x60 kernel/softirq.c:913\n smpboot_thread_fn+0x660/0xa10 kernel/smpboot.c:164\n kthread+0x2c6/0x3a0 kernel/kthread.c:388\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n \u003c/TASK\u003e\n\nAllocated by task 5167:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:314 [inline]\n __kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:340\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3813 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_lru+0x142/0x6f0 mm/slub.c:3879\n alloc_inode_sb include/linux/fs.h:3019 [inline]\n sock_alloc_inode+0x25/0x1c0 net/socket.c:308\n alloc_inode+0x5d/0x220 fs/inode.c:260\n new_inode_pseudo+0x16/0x80 fs/inode.c:1005\n sock_alloc+0x40/0x270 net/socket.c:634\n __sock_create+0xbc/0x800 net/socket.c:1535\n sock_create net/socket.c:1622 [inline]\n __sys_socket_create net/socket.c:1659 [inline]\n __sys_socket+0x14c/0x260 net/socket.c:1706\n __do_sys_socket net/socket.c:1720 [inline]\n __se_sys_socket net/socket.c:1718 [inline]\n __x64_sys_socket+0x72/0xb0 net/socket.c:1718\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd3/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 0:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3f/0x60 mm/kasan/generic.c:640\n poison_slab_object mm/kasan/common.c:241 [inline]\n __kasan_slab_free+0x121/0x1b0 mm/kasan/common.c:257\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2121 [inlin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26625",
"url": "https://www.suse.com/security/cve/CVE-2024-26625"
},
{
"category": "external",
"summary": "SUSE Bug 1221086 for CVE-2024-26625",
"url": "https://bugzilla.suse.com/1221086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26625"
},
{
"cve": "CVE-2024-26739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don\u0027t override retval if we already lost the skb\n\nIf we\u0027re redirecting the skb, and haven\u0027t called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26739",
"url": "https://www.suse.com/security/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "SUSE Bug 1222559 for CVE-2024-26739",
"url": "https://bugzilla.suse.com/1222559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: pass correct message length to ip6_append_data\n\nl2tp_ip6_sendmsg needs to avoid accounting for the transport header\ntwice when splicing more data into an already partially-occupied skbuff.\n\nTo manage this, we check whether the skbuff contains data using\nskb_queue_empty when deciding how much data to append using\nip6_append_data.\n\nHowever, the code which performed the calculation was incorrect:\n\n ulen = len + skb_queue_empty(\u0026sk-\u003esk_write_queue) ? transhdrlen : 0;\n\n...due to C operator precedence, this ends up setting ulen to\ntranshdrlen for messages with a non-zero length, which results in\ncorrupted packets on the wire.\n\nAdd parentheses to correct the calculation in line with the original\nintent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26752",
"url": "https://www.suse.com/security/cve/CVE-2024-26752"
},
{
"category": "external",
"summary": "SUSE Bug 1222667 for CVE-2024-26752",
"url": "https://bugzilla.suse.com/1222667"
},
{
"category": "external",
"summary": "SUSE Bug 1223292 for CVE-2024-26752",
"url": "https://bugzilla.suse.com/1223292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2024-26752"
},
{
"cve": "CVE-2024-26775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: avoid potential deadlock at set_capacity\n\nMove set_capacity() outside of the section procected by (\u0026d-\u003elock).\nTo avoid possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n[1] lock(\u0026bdev-\u003ebd_size_lock);\n local_irq_disable();\n [2] lock(\u0026d-\u003elock);\n [3] lock(\u0026bdev-\u003ebd_size_lock);\n \u003cInterrupt\u003e\n[4] lock(\u0026d-\u003elock);\n\n *** DEADLOCK ***\n\nWhere [1](\u0026bdev-\u003ebd_size_lock) hold by zram_add()-\u003eset_capacity().\n[2]lock(\u0026d-\u003elock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc()\nis trying to acquire [3](\u0026bdev-\u003ebd_size_lock) at set_capacity() call.\nIn this situation an attempt to acquire [4]lock(\u0026d-\u003elock) from\naoecmd_cfg_rsp() will lead to deadlock.\n\nSo the simplest solution is breaking lock dependency\n[2](\u0026d-\u003elock) -\u003e [3](\u0026bdev-\u003ebd_size_lock) by moving set_capacity()\noutside.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26775",
"url": "https://www.suse.com/security/cve/CVE-2024-26775"
},
{
"category": "external",
"summary": "SUSE Bug 1222627 for CVE-2024-26775",
"url": "https://bugzilla.suse.com/1222627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26775"
},
{
"cve": "CVE-2024-26791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: dev-replace: properly validate device names\n\nThere\u0027s a syzbot report that device name buffers passed to device\nreplace are not properly checked for string termination which could lead\nto a read out of bounds in getname_kernel().\n\nAdd a helper that validates both source and target device name buffers.\nFor devid as the source initialize the buffer to empty string in case\nsomething tries to read it later.\n\nThis was originally analyzed and fixed in a different way by Edward Adam\nDavis (see links).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26791",
"url": "https://www.suse.com/security/cve/CVE-2024-26791"
},
{
"category": "external",
"summary": "SUSE Bug 1222793 for CVE-2024-26791",
"url": "https://bugzilla.suse.com/1222793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-fc: do not wait in vain when unloading module\n\nThe module exit path has race between deleting all controllers and\nfreeing \u0027left over IDs\u0027. To prevent double free a synchronization\nbetween nvme_delete_ctrl and ida_destroy has been added by the initial\ncommit.\n\nThere is some logic around trying to prevent from hanging forever in\nwait_for_completion, though it does not handling all cases. E.g.\nblktests is able to reproduce the situation where the module unload\nhangs forever.\n\nIf we completely rely on the cleanup code executed from the\nnvme_delete_ctrl path, all IDs will be freed eventually. This makes\ncalling ida_destroy unnecessary. We only have to ensure that all\nnvme_delete_ctrl code has been executed before we leave\nnvme_fc_exit_module. This is done by flushing the nvme_delete_wq\nworkqueue.\n\nWhile at it, remove the unused nvme_fc_wq workqueue too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26846",
"url": "https://www.suse.com/security/cve/CVE-2024-26846"
},
{
"category": "external",
"summary": "SUSE Bug 1223023 for CVE-2024-26846",
"url": "https://bugzilla.suse.com/1223023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26846"
},
{
"cve": "CVE-2024-26874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip\n\nIt\u0027s possible that mtk_crtc-\u003eevent is NULL in\nmtk_drm_crtc_finish_page_flip().\n\npending_needs_vblank value is set by mtk_crtc-\u003eevent, but in\nmtk_drm_crtc_atomic_flush(), it\u0027s is not guarded by the same\nlock in mtk_drm_finish_page_flip(), thus a race condition happens.\n\nConsider the following case:\n\nCPU1 CPU2\nstep 1:\nmtk_drm_crtc_atomic_begin()\nmtk_crtc-\u003eevent is not null,\n step 1:\n mtk_drm_crtc_atomic_flush:\n mtk_drm_crtc_update_config(\n !!mtk_crtc-\u003eevent)\nstep 2:\nmtk_crtc_ddp_irq -\u003e\nmtk_drm_finish_page_flip:\nlock\nmtk_crtc-\u003eevent set to null,\npending_needs_vblank set to false\nunlock\n pending_needs_vblank set to true,\n\n step 2:\n mtk_crtc_ddp_irq -\u003e\n mtk_drm_finish_page_flip called again,\n pending_needs_vblank is still true\n //null pointer\n\nInstead of guarding the entire mtk_drm_crtc_atomic_flush(), it\u0027s more\nefficient to just check if mtk_crtc-\u003eevent is null before use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26874",
"url": "https://www.suse.com/security/cve/CVE-2024-26874"
},
{
"category": "external",
"summary": "SUSE Bug 1223048 for CVE-2024-26874",
"url": "https://bugzilla.suse.com/1223048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26874"
},
{
"cve": "CVE-2024-26876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: adv7511: fix crash on irq during probe\n\nMoved IRQ registration down to end of adv7511_probe().\n\nIf an IRQ already is pending during adv7511_probe\n(before adv7511_cec_init) then cec_received_msg_ts\ncould crash using uninitialized data:\n\n Unable to handle kernel read from unreadable memory at virtual address 00000000000003d5\n Internal error: Oops: 96000004 [#1] PREEMPT_RT SMP\n Call trace:\n cec_received_msg_ts+0x48/0x990 [cec]\n adv7511_cec_irq_process+0x1cc/0x308 [adv7511]\n adv7511_irq_process+0xd8/0x120 [adv7511]\n adv7511_irq_handler+0x1c/0x30 [adv7511]\n irq_thread_fn+0x30/0xa0\n irq_thread+0x14c/0x238\n kthread+0x190/0x1a8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26876",
"url": "https://www.suse.com/security/cve/CVE-2024-26876"
},
{
"category": "external",
"summary": "SUSE Bug 1223119 for CVE-2024-26876",
"url": "https://bugzilla.suse.com/1223119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26876"
},
{
"cve": "CVE-2024-26900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev-\u003eserial\n\nIf kobject_add() is fail in bind_rdev_to_array(), \u0027rdev-\u003eserial\u0027 will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [\u003c0000000058b0a453\u003e] kmemleak_alloc+0x61/0xe0\n [\u003c00000000366adf14\u003e] __kmalloc_large_node+0x15e/0x270\n [\u003c000000002e82961b\u003e] __kmalloc_node.cold+0x11/0x7f\n [\u003c00000000f206d60a\u003e] kvmalloc_node+0x74/0x150\n [\u003c0000000034bf3363\u003e] rdev_init_serial+0x67/0x170\n [\u003c0000000010e08fe9\u003e] mddev_create_serial_pool+0x62/0x220\n [\u003c00000000c3837bf0\u003e] bind_rdev_to_array+0x2af/0x630\n [\u003c0000000073c28560\u003e] md_add_new_disk+0x400/0x9f0\n [\u003c00000000770e30ff\u003e] md_ioctl+0x15bf/0x1c10\n [\u003c000000006cfab718\u003e] blkdev_ioctl+0x191/0x3f0\n [\u003c0000000085086a11\u003e] vfs_ioctl+0x22/0x60\n [\u003c0000000018b656fe\u003e] __x64_sys_ioctl+0xba/0xe0\n [\u003c00000000e54e675e\u003e] do_syscall_64+0x71/0x150\n [\u003c000000008b0ad622\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26900",
"url": "https://www.suse.com/security/cve/CVE-2024-26900"
},
{
"category": "external",
"summary": "SUSE Bug 1223046 for CVE-2024-26900",
"url": "https://bugzilla.suse.com/1223046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26900"
},
{
"cve": "CVE-2024-26915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Reset IH OVERFLOW_CLEAR bit\n\nAllows us to detect subsequent IH ring buffer overflows as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26915",
"url": "https://www.suse.com/security/cve/CVE-2024-26915"
},
{
"category": "external",
"summary": "SUSE Bug 1223207 for CVE-2024-26915",
"url": "https://bugzilla.suse.com/1223207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26915"
},
{
"cve": "CVE-2024-26920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/trigger: Fix to return error if failed to alloc snapshot\n\nFix register_snapshot_trigger() to return error code if it failed to\nallocate a snapshot instead of 0 (success). Unless that, it will register\nsnapshot trigger without an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26920",
"url": "https://www.suse.com/security/cve/CVE-2024-26920"
},
{
"category": "external",
"summary": "SUSE Bug 1228237 for CVE-2024-26920",
"url": "https://bugzilla.suse.com/1228237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26920"
},
{
"cve": "CVE-2024-26921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb-\u003esk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb-\u003esk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead-\u003esk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff-\u003esk member, we must move the\noffset into the FRAG_CB, else skb-\u003esk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won\u0027t continue past reasm engine.\n\nIn the latter case, we will steal the skb-\u003esk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26921",
"url": "https://www.suse.com/security/cve/CVE-2024-26921"
},
{
"category": "external",
"summary": "SUSE Bug 1223138 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "external",
"summary": "SUSE Bug 1223139 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26921"
},
{
"cve": "CVE-2024-26929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26929"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26929",
"url": "https://www.suse.com/security/cve/CVE-2024-26929"
},
{
"category": "external",
"summary": "SUSE Bug 1223715 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "external",
"summary": "SUSE Bug 1223716 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix command flush on cable pull\n\nSystem crash due to command failed to flush back to SCSI layer.\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 \u003c49\u003e 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200.\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0\n ? __switch_to+0x10c/0x450\n ? process_one_work+0x1a7/0x360\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201.\n ? worker_thread+0x1ce/0x390\n ? create_worker+0x1a0/0x1a0\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70\n ? kthread+0x10a/0x120\n qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8\n ? set_kthread_struct+0x40/0x40\n qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed.\n ? ret_from_fork+0x1f/0x40\n qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout\n\nThe system was under memory stress where driver was not able to allocate an\nSRB to carry out error recovery of cable pull. The failure to flush causes\nupper layer to start modifying scsi_cmnd. When the system frees up some\nmemory, the subsequent cable pull trigger another command flush. At this\npoint the driver access a null pointer when attempting to DMA unmap the\nSGL.\n\nAdd a check to make sure commands are flush back on session tear down to\nprevent the null pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26931",
"url": "https://www.suse.com/security/cve/CVE-2024-26931"
},
{
"category": "external",
"summary": "SUSE Bug 1223627 for CVE-2024-26931",
"url": "https://bugzilla.suse.com/1223627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface\u0027s parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can\u0027t complete\nuntil the device lock has been released, and the lock won\u0027t be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \u003csamsun1006219@gmail.com\u003e\nReported by: xingwei lee \u003cxrivendell7@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26934",
"url": "https://www.suse.com/security/cve/CVE-2024-26934"
},
{
"category": "external",
"summary": "SUSE Bug 1223671 for CVE-2024-26934",
"url": "https://bugzilla.suse.com/1223671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/zcrypt: fix reference counting on zcrypt card objects\n\nTests with hot-plugging crytpo cards on KVM guests with debug\nkernel build revealed an use after free for the load field of\nthe struct zcrypt_card. The reason was an incorrect reference\nhandling of the zcrypt card object which could lead to a free\nof the zcrypt card object while it was still in use.\n\nThis is an example of the slab message:\n\n kernel: 0x00000000885a7512-0x00000000885a7513 @offset=1298. First byte 0x68 instead of 0x6b\n kernel: Allocated in zcrypt_card_alloc+0x36/0x70 [zcrypt] age=18046 cpu=3 pid=43\n kernel: kmalloc_trace+0x3f2/0x470\n kernel: zcrypt_card_alloc+0x36/0x70 [zcrypt]\n kernel: zcrypt_cex4_card_probe+0x26/0x380 [zcrypt_cex4]\n kernel: ap_device_probe+0x15c/0x290\n kernel: really_probe+0xd2/0x468\n kernel: driver_probe_device+0x40/0xf0\n kernel: __device_attach_driver+0xc0/0x140\n kernel: bus_for_each_drv+0x8c/0xd0\n kernel: __device_attach+0x114/0x198\n kernel: bus_probe_device+0xb4/0xc8\n kernel: device_add+0x4d2/0x6e0\n kernel: ap_scan_adapter+0x3d0/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: Freed in zcrypt_card_put+0x54/0x80 [zcrypt] age=9024 cpu=3 pid=43\n kernel: kfree+0x37e/0x418\n kernel: zcrypt_card_put+0x54/0x80 [zcrypt]\n kernel: ap_device_remove+0x4c/0xe0\n kernel: device_release_driver_internal+0x1c4/0x270\n kernel: bus_remove_device+0x100/0x188\n kernel: device_del+0x164/0x3c0\n kernel: device_unregister+0x30/0x90\n kernel: ap_scan_adapter+0xc8/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: kthread+0x150/0x168\n kernel: __ret_from_fork+0x3c/0x58\n kernel: ret_from_fork+0xa/0x30\n kernel: Slab 0x00000372022169c0 objects=20 used=18 fp=0x00000000885a7c88 flags=0x3ffff00000000a00(workingset|slab|node=0|zone=1|lastcpupid=0x1ffff)\n kernel: Object 0x00000000885a74b8 @offset=1208 fp=0x00000000885a7c88\n kernel: Redzone 00000000885a74b0: bb bb bb bb bb bb bb bb ........\n kernel: Object 00000000885a74b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74f8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a7508: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 68 4b 6b 6b 6b a5 kkkkkkkkkkhKkkk.\n kernel: Redzone 00000000885a7518: bb bb bb bb bb bb bb bb ........\n kernel: Padding 00000000885a756c: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ\n kernel: CPU: 0 PID: 387 Comm: systemd-udevd Not tainted 6.8.0-HF #2\n kernel: Hardware name: IBM 3931 A01 704 (KVM/Linux)\n kernel: Call Trace:\n kernel: [\u003c00000000ca5ab5b8\u003e] dump_stack_lvl+0x90/0x120\n kernel: [\u003c00000000c99d78bc\u003e] check_bytes_and_report+0x114/0x140\n kernel: [\u003c00000000c99d53cc\u003e] check_object+0x334/0x3f8\n kernel: [\u003c00000000c99d820c\u003e] alloc_debug_processing+0xc4/0x1f8\n kernel: [\u003c00000000c99d852e\u003e] get_partial_node.part.0+0x1ee/0x3e0\n kernel: [\u003c00000000c99d94ec\u003e] ___slab_alloc+0xaf4/0x13c8\n kernel: [\u003c00000000c99d9e38\u003e] __slab_alloc.constprop.0+0x78/0xb8\n kernel: [\u003c00000000c99dc8dc\u003e] __kmalloc+0x434/0x590\n kernel: [\u003c00000000c9b4c0ce\u003e] ext4_htree_store_dirent+0x4e/0x1c0\n kernel: [\u003c00000000c9b908a2\u003e] htree_dirblock_to_tree+0x17a/0x3f0\n kernel: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26957",
"url": "https://www.suse.com/security/cve/CVE-2024-26957"
},
{
"category": "external",
"summary": "SUSE Bug 1223666 for CVE-2024-26957",
"url": "https://bugzilla.suse.com/1223666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26957"
},
{
"cve": "CVE-2024-26958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix UAF in direct writes\n\nIn production we have been hitting the following warning consistently\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28 refcount_warn_saturate+0x9c/0xe0\nWorkqueue: nfsiod nfs_direct_write_schedule_work [nfs]\nRIP: 0010:refcount_warn_saturate+0x9c/0xe0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x9f/0x130\n ? refcount_warn_saturate+0x9c/0xe0\n ? report_bug+0xcc/0x150\n ? handle_bug+0x3d/0x70\n ? exc_invalid_op+0x16/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? refcount_warn_saturate+0x9c/0xe0\n nfs_direct_write_schedule_work+0x237/0x250 [nfs]\n process_one_work+0x12f/0x4a0\n worker_thread+0x14e/0x3b0\n ? ZSTD_getCParams_internal+0x220/0x220\n kthread+0xdc/0x120\n ? __btf_name_valid+0xa0/0xa0\n ret_from_fork+0x1f/0x30\n\nThis is because we\u0027re completing the nfs_direct_request twice in a row.\n\nThe source of this is when we have our commit requests to submit, we\nprocess them and send them off, and then in the completion path for the\ncommit requests we have\n\nif (nfs_commit_end(cinfo.mds))\n\tnfs_direct_write_complete(dreq);\n\nHowever since we\u0027re submitting asynchronous requests we sometimes have\none that completes before we submit the next one, so we end up calling\ncomplete on the nfs_direct_request twice.\n\nThe only other place we use nfs_generic_commit_list() is in\n__nfs_commit_inode, which wraps this call in a\n\nnfs_commit_begin();\nnfs_commit_end();\n\nWhich is a common pattern for this style of completion handling, one\nthat is also repeated in the direct code with get_dreq()/put_dreq()\ncalls around where we process events as well as in the completion paths.\n\nFix this by using the same pattern for the commit requests.\n\nBefore with my 200 node rocksdb stress running this warning would pop\nevery 10ish minutes. With my patch the stress test has been running for\nseveral hours without popping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26958",
"url": "https://www.suse.com/security/cve/CVE-2024-26958"
},
{
"category": "external",
"summary": "SUSE Bug 1223653 for CVE-2024-26958",
"url": "https://bugzilla.suse.com/1223653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: fix instmem race condition around ptr stores\n\nRunning a lot of VK CTS in parallel against nouveau, once every\nfew hours you might see something like this crash.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 8000000114e6e067 P4D 8000000114e6e067 PUD 109046067 PMD 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 7 PID: 53891 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\nHardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\nRIP: 0010:gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\nCode: c7 48 01 c8 49 89 45 58 85 d2 0f 84 95 00 00 00 41 0f b7 46 12 49 8b 7e 08 89 da 42 8d 2c f8 48 8b 47 08 41 83 c7 01 48 89 ee \u003c48\u003e 8b 40 08 ff d0 0f 1f 00 49 8b 7e 08 48 89 d9 48 8d 75 04 48 c1\nRSP: 0000:ffffac20c5857838 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000004d8001 RCX: 0000000000000001\nRDX: 00000000004d8001 RSI: 00000000000006d8 RDI: ffffa07afe332180\nRBP: 00000000000006d8 R08: ffffac20c5857ad0 R09: 0000000000ffff10\nR10: 0000000000000001 R11: ffffa07af27e2de0 R12: 000000000000001c\nR13: ffffac20c5857ad0 R14: ffffa07a96fe9040 R15: 000000000000001c\nFS: 00007fe395eed7c0(0000) GS:ffffa07e2c980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000011febe001 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n...\n\n ? gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\n ? gp100_vmm_pgt_mem+0x37/0x180 [nouveau]\n nvkm_vmm_iter+0x351/0xa20 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __lock_acquire+0x3ed/0x2170\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_ptes_get_map+0xc2/0x100 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_map_locked+0x224/0x3a0 [nouveau]\n\nAdding any sort of useful debug usually makes it go away, so I hand\nwrote the function in a line, and debugged the asm.\n\nEvery so often pt-\u003ememory-\u003eptrs is NULL. This ptrs ptr is set in\nthe nv50_instobj_acquire called from nvkm_kmap.\n\nIf Thread A and Thread B both get to nv50_instobj_acquire around\nthe same time, and Thread A hits the refcount_set line, and in\nlockstep thread B succeeds at refcount_inc_not_zero, there is a\nchance the ptrs value won\u0027t have been stored since refcount_set\nis unordered. Force a memory barrier here, I picked smp_mb, since\nwe want it on all CPUs and it\u0027s write followed by a read.\n\nv2: use paired smp_rmb/smp_wmb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26984",
"url": "https://www.suse.com/security/cve/CVE-2024-26984"
},
{
"category": "external",
"summary": "SUSE Bug 1223633 for CVE-2024-26984",
"url": "https://bugzilla.suse.com/1223633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26984"
},
{
"cve": "CVE-2024-26996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error\n\nWhen ncm function is working and then stop usb0 interface for link down,\neth_stop() is called. At this piont, accidentally if usb transport error\nshould happen in usb_ep_enable(), \u0027in_ep\u0027 and/or \u0027out_ep\u0027 may not be enabled.\n\nAfter that, ncm_disable() is called to disable for ncm unbind\nbut gether_disconnect() is never called since \u0027in_ep\u0027 is not enabled.\n\nAs the result, ncm object is released in ncm unbind\nbut \u0027dev-\u003eport_usb\u0027 associated to \u0027ncm-\u003eport\u0027 is not NULL.\n\nAnd when ncm bind again to recover netdev, ncm object is reallocated\nbut usb0 interface is already associated to previous released ncm object.\n\nTherefore, once usb0 interface is up and eth_start_xmit() is called,\nreleased ncm object is dereferrenced and it might cause use-after-free memory.\n\n[function unlink via configfs]\n usb0: eth_stop dev-\u003eport_usb=ffffff9b179c3200\n --\u003e error happens in usb_ep_enable().\n NCM: ncm_disable: ncm=ffffff9b179c3200\n --\u003e no gether_disconnect() since ncm-\u003eport.in_ep-\u003eenabled is false.\n NCM: ncm_unbind: ncm unbind ncm=ffffff9b179c3200\n NCM: ncm_free: ncm free ncm=ffffff9b179c3200 \u003c-- released ncm\n\n[function link via configfs]\n NCM: ncm_alloc: ncm alloc ncm=ffffff9ac4f8a000\n NCM: ncm_bind: ncm bind ncm=ffffff9ac4f8a000\n NCM: ncm_set_alt: ncm=ffffff9ac4f8a000 alt=0\n usb0: eth_open dev-\u003eport_usb=ffffff9b179c3200 \u003c-- previous released ncm\n usb0: eth_start dev-\u003eport_usb=ffffff9b179c3200 \u003c--\n eth_start_xmit()\n --\u003e dev-\u003ewrap()\n Unable to handle kernel paging request at virtual address dead00000000014f\n\nThis patch addresses the issue by checking if \u0027ncm-\u003enetdev\u0027 is not NULL at\nncm_disable() to call gether_disconnect() to deassociate \u0027dev-\u003eport_usb\u0027.\nIt\u0027s more reasonable to check \u0027ncm-\u003enetdev\u0027 to call gether_connect/disconnect\nrather than check \u0027ncm-\u003eport.in_ep-\u003eenabled\u0027 since it might not be enabled\nbut the gether connection might be established.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26996",
"url": "https://www.suse.com/security/cve/CVE-2024-26996"
},
{
"category": "external",
"summary": "SUSE Bug 1223752 for CVE-2024-26996",
"url": "https://bugzilla.suse.com/1223752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26996"
},
{
"cve": "CVE-2024-27008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: nv04: Fix out of bounds access\n\nWhen Output Resource (dcb-\u003eor) value is assigned in\nfabricate_dcb_output(), there may be out of bounds access to\ndac_users array in case dcb-\u003eor is zero because ffs(dcb-\u003eor) is\nused as index there.\nThe \u0027or\u0027 argument of fabricate_dcb_output() must be interpreted as a\nnumber of bit to set, not value.\n\nUtilize macros from \u0027enum nouveau_or\u0027 in calls instead of hardcoding.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27008",
"url": "https://www.suse.com/security/cve/CVE-2024-27008"
},
{
"category": "external",
"summary": "SUSE Bug 1223802 for CVE-2024-27008",
"url": "https://bugzilla.suse.com/1223802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-27008"
},
{
"cve": "CVE-2024-27054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27054",
"url": "https://www.suse.com/security/cve/CVE-2024-27054"
},
{
"category": "external",
"summary": "SUSE Bug 1223819 for CVE-2024-27054",
"url": "https://bugzilla.suse.com/1223819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27059",
"url": "https://www.suse.com/security/cve/CVE-2024-27059"
},
{
"category": "external",
"summary": "SUSE Bug 1223738 for CVE-2024-27059",
"url": "https://bugzilla.suse.com/1223738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: lock the client object tree.\n\nIt appears the client object tree has no locking unless I\u0027ve missed\nsomething else. Fix races around adding/removing client objects,\nmostly vram bar mappings.\n\n 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI\n[ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\n[ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\n[ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 \u003c48\u003e 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe\n[ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206\n[ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58\n[ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400\n[ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000\n[ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0\n[ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007\n[ 4562.099528] FS: 00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000\n[ 4562.099534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0\n[ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4562.099544] Call Trace:\n[ 4562.099555] \u003cTASK\u003e\n[ 4562.099573] ? die_addr+0x36/0x90\n[ 4562.099583] ? exc_general_protection+0x246/0x4a0\n[ 4562.099593] ? asm_exc_general_protection+0x26/0x30\n[ 4562.099600] ? nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099730] nvkm_ioctl+0xa1/0x250 [nouveau]\n[ 4562.099861] nvif_object_map_handle+0xc8/0x180 [nouveau]\n[ 4562.099986] nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau]\n[ 4562.100156] ? dma_resv_test_signaled+0x26/0xb0\n[ 4562.100163] ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm]\n[ 4562.100182] ? __mutex_unlock_slowpath+0x2a/0x270\n[ 4562.100189] nouveau_ttm_fault+0x69/0xb0 [nouveau]\n[ 4562.100356] __do_fault+0x32/0x150\n[ 4562.100362] do_fault+0x7c/0x560\n[ 4562.100369] __handle_mm_fault+0x800/0xc10\n[ 4562.100382] handle_mm_fault+0x17c/0x3e0\n[ 4562.100388] do_user_addr_fault+0x208/0x860\n[ 4562.100395] exc_page_fault+0x7f/0x200\n[ 4562.100402] asm_exc_page_fault+0x26/0x30\n[ 4562.100412] RIP: 0033:0x9b9870\n[ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 \u003c44\u003e 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7\n[ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246\n[ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000\n[ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066\n[ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000\n[ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff\n[ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 4562.100446] \u003c/TASK\u003e\n[ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27062",
"url": "https://www.suse.com/security/cve/CVE-2024-27062"
},
{
"category": "external",
"summary": "SUSE Bug 1223834 for CVE-2024-27062",
"url": "https://bugzilla.suse.com/1223834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27388",
"url": "https://www.suse.com/security/cve/CVE-2024-27388"
},
{
"category": "external",
"summary": "SUSE Bug 1223744 for CVE-2024-27388",
"url": "https://bugzilla.suse.com/1223744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-27388"
},
{
"cve": "CVE-2024-27396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gtp: Fix Use-After-Free in gtp_dellink\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof gtp_dellink, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27396",
"url": "https://www.suse.com/security/cve/CVE-2024-27396"
},
{
"category": "external",
"summary": "SUSE Bug 1224096 for CVE-2024-27396",
"url": "https://bugzilla.suse.com/1224096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-27401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27401",
"url": "https://www.suse.com/security/cve/CVE-2024-27401"
},
{
"category": "external",
"summary": "SUSE Bug 1224181 for CVE-2024-27401",
"url": "https://bugzilla.suse.com/1224181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-27401"
},
{
"cve": "CVE-2024-27419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Fix data-races around sysctl_net_busy_read\n\nWe need to protect the reader reading the sysctl value because the\nvalue can be changed concurrently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27419",
"url": "https://www.suse.com/security/cve/CVE-2024-27419"
},
{
"category": "external",
"summary": "SUSE Bug 1224759 for CVE-2024-27419",
"url": "https://bugzilla.suse.com/1224759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "low"
}
],
"title": "CVE-2024-27419"
},
{
"cve": "CVE-2024-27436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Stop parsing channels bits when all channels are found.\n\nIf a usb audio device sets more bits than the amount of channels\nit could write outside of the map array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27436",
"url": "https://www.suse.com/security/cve/CVE-2024-27436"
},
{
"category": "external",
"summary": "SUSE Bug 1224803 for CVE-2024-27436",
"url": "https://bugzilla.suse.com/1224803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-35789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\n\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\nfast_rx entry still holds a pointer to the VLAN\u0027s netdev, which can cause\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\nafter the VLAN change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35789",
"url": "https://www.suse.com/security/cve/CVE-2024-35789"
},
{
"category": "external",
"summary": "SUSE Bug 1224749 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "external",
"summary": "SUSE Bug 1227320 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1227320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "important"
}
],
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region()\n\nDo the cache flush of converted pages in svm_register_enc_region() before\ndropping kvm-\u003elock to fix use-after-free issues where region and/or its\narray of pages could be freed by a different task, e.g. if userspace has\n__unregister_enc_region_locked() already queued up for the region.\n\nNote, the \"obvious\" alternative of using local variables doesn\u0027t fully\nresolve the bug, as region-\u003epages is also dynamically allocated. I.e. the\nregion structure itself would be fine, but region-\u003epages could be freed.\n\nFlushing multiple pages under kvm-\u003elock is unfortunate, but the entire\nflow is a rare slow path, and the manual flush is only needed on CPUs that\nlack coherency for encrypted memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35791",
"url": "https://www.suse.com/security/cve/CVE-2024-35791"
},
{
"category": "external",
"summary": "SUSE Bug 1224725 for CVE-2024-35791",
"url": "https://bugzilla.suse.com/1224725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35791"
},
{
"cve": "CVE-2024-35809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/PM: Drain runtime-idle callbacks before driver removal\n\nA race condition between the .runtime_idle() callback and the .remove()\ncallback in the rtsx_pcr PCI driver leads to a kernel crash due to an\nunhandled page fault [1].\n\nThe problem is that rtsx_pci_runtime_idle() is not expected to be running\nafter pm_runtime_get_sync() has been called, but the latter doesn\u0027t really\nguarantee that. It only guarantees that the suspend and resume callbacks\nwill not be running when it returns.\n\nHowever, if a .runtime_idle() callback is already running when\npm_runtime_get_sync() is called, the latter will notice that the runtime PM\nstatus of the device is RPM_ACTIVE and it will return right away without\nwaiting for the former to complete. In fact, it cannot wait for\n.runtime_idle() to complete because it may be called from that callback (it\narguably does not make much sense to do that, but it is not strictly\nprohibited).\n\nThus in general, whoever is providing a .runtime_idle() callback needs\nto protect it from running in parallel with whatever code runs after\npm_runtime_get_sync(). [Note that .runtime_idle() will not start after\npm_runtime_get_sync() has returned, but it may continue running then if it\nhas started earlier.]\n\nOne way to address that race condition is to call pm_runtime_barrier()\nafter pm_runtime_get_sync() (not before it, because a nonzero value of the\nruntime PM usage counter is necessary to prevent runtime PM callbacks from\nbeing invoked) to wait for the .runtime_idle() callback to complete should\nit be running at that point. A suitable place for doing that is in\npci_device_remove() which calls pm_runtime_get_sync() before removing the\ndriver, so it may as well call pm_runtime_barrier() subsequently, which\nwill prevent the race in question from occurring, not just in the rtsx_pcr\ndriver, but in any PCI drivers providing .runtime_idle() callbacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35809",
"url": "https://www.suse.com/security/cve/CVE-2024-35809"
},
{
"category": "external",
"summary": "SUSE Bug 1224738 for CVE-2024-35809",
"url": "https://bugzilla.suse.com/1224738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35809"
},
{
"cve": "CVE-2024-35811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach\n\nThis is the candidate patch of CVE-2023-47233 :\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-47233\n\nIn brcm80211 driver,it starts with the following invoking chain\nto start init a timeout worker:\n\n-\u003ebrcmf_usb_probe\n -\u003ebrcmf_usb_probe_cb\n -\u003ebrcmf_attach\n -\u003ebrcmf_bus_started\n -\u003ebrcmf_cfg80211_attach\n -\u003ewl_init_priv\n -\u003ebrcmf_init_escan\n -\u003eINIT_WORK(\u0026cfg-\u003eescan_timeout_work,\n\t\t brcmf_cfg80211_escan_timeout_worker);\n\nIf we disconnect the USB by hotplug, it will call\nbrcmf_usb_disconnect to make cleanup. The invoking chain is :\n\nbrcmf_usb_disconnect\n -\u003ebrcmf_usb_disconnect_cb\n -\u003ebrcmf_detach\n -\u003ebrcmf_cfg80211_detach\n -\u003ekfree(cfg);\n\nWhile the timeout woker may still be running. This will cause\na use-after-free bug on cfg in brcmf_cfg80211_escan_timeout_worker.\n\nFix it by deleting the timer and canceling the worker in\nbrcmf_cfg80211_detach.\n\n[arend.vanspriel@broadcom.com: keep timer delete as is and cancel work just before free]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35811",
"url": "https://www.suse.com/security/cve/CVE-2024-35811"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2024-35811",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tc358743: register v4l2 async device only after successful setup\n\nEnsure the device has been setup correctly before registering the v4l2\nasync device, thus allowing userspace to access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35830",
"url": "https://www.suse.com/security/cve/CVE-2024-35830"
},
{
"category": "external",
"summary": "SUSE Bug 1224680 for CVE-2024-35830",
"url": "https://bugzilla.suse.com/1224680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35830"
},
{
"cve": "CVE-2024-35849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix information leak in btrfs_ioctl_logical_to_ino()\n\nSyzbot reported the following information leak for in\nbtrfs_ioctl_logical_to_ino():\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n btrfs_ioctl_logical_to_ino+0x440/0x750 fs/btrfs/ioctl.c:3499\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Uninit was created at:\n __kmalloc_large_node+0x231/0x370 mm/slub.c:3921\n __do_kmalloc_node mm/slub.c:3954 [inline]\n __kmalloc_node+0xb07/0x1060 mm/slub.c:3973\n kmalloc_node include/linux/slab.h:648 [inline]\n kvmalloc_node+0xc0/0x2d0 mm/util.c:634\n kvmalloc include/linux/slab.h:766 [inline]\n init_data_container+0x49/0x1e0 fs/btrfs/backref.c:2779\n btrfs_ioctl_logical_to_ino+0x17c/0x750 fs/btrfs/ioctl.c:3480\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Bytes 40-65535 of 65536 are uninitialized\n Memory access of size 65536 starts at ffff888045a40000\n\nThis happens, because we\u0027re copying a \u0027struct btrfs_data_container\u0027 back\nto user-space. This btrfs_data_container is allocated in\n\u0027init_data_container()\u0027 via kvmalloc(), which does not zero-fill the\nmemory.\n\nFix this by using kvzalloc() which zeroes out the memory on allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35849",
"url": "https://www.suse.com/security/cve/CVE-2024-35849"
},
{
"category": "external",
"summary": "SUSE Bug 1224733 for CVE-2024-35849",
"url": "https://bugzilla.suse.com/1224733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: fix VM_PAT handling in COW mappings\n\nPAT handling won\u0027t do the right thing in COW mappings: the first PTE (or,\nin fact, all PTEs) can be replaced during write faults to point at anon\nfolios. Reliably recovering the correct PFN and cachemode using\nfollow_phys() from PTEs will not work in COW mappings.\n\nUsing follow_phys(), we might just get the address+protection of the anon\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\ntrack_pfn_copy(), not properly calling free_pfn_range().\n\nIn free_pfn_range(), we either wouldn\u0027t call memtype_free() or would call\nit with the wrong range, possibly leaking memory.\n\nTo fix that, let\u0027s update follow_phys() to refuse returning anon folios,\nand fallback to using the stored PFN inside vma-\u003evm_pgoff for COW mappings\nif we run into that.\n\nWe will now properly handle untrack_pfn() with COW mappings, where we\ndon\u0027t need the cachemode. We\u0027ll have to fail fork()-\u003etrack_pfn_copy() if\nthe first page was replaced by an anon folio, though: we\u0027d have to store\nthe cachemode in the VMA to make this work, likely growing the VMA size.\n\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\ncase: it would have failed in the past with swap/nonswap entries already,\nand it would have done the wrong thing with anon folios.\n\nSimple reproducer to trigger the WARN_ON_ONCE() in untrack_pfn():\n\n\u003c--- C reproducer ---\u003e\n #include \u003cstdio.h\u003e\n #include \u003csys/mman.h\u003e\n #include \u003cunistd.h\u003e\n #include \u003cliburing.h\u003e\n\n int main(void)\n {\n struct io_uring_params p = {};\n int ring_fd;\n size_t size;\n char *map;\n\n ring_fd = io_uring_setup(1, \u0026p);\n if (ring_fd \u003c 0) {\n perror(\"io_uring_setup\");\n return 1;\n }\n size = p.sq_off.array + p.sq_entries * sizeof(unsigned);\n\n /* Map the submission queue ring MAP_PRIVATE */\n map = mmap(0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE,\n ring_fd, IORING_OFF_SQ_RING);\n if (map == MAP_FAILED) {\n perror(\"mmap\");\n return 1;\n }\n\n /* We have at least one page. Let\u0027s COW it. */\n *map = 0;\n pause();\n return 0;\n }\n\u003c--- C reproducer ---\u003e\n\nOn a system with 16 GiB RAM and swap configured:\n # ./iouring \u0026\n # memhog 16G\n # killall iouring\n[ 301.552930] ------------[ cut here ]------------\n[ 301.553285] WARNING: CPU: 7 PID: 1402 at arch/x86/mm/pat/memtype.c:1060 untrack_pfn+0xf4/0x100\n[ 301.553989] Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_g\n[ 301.558232] CPU: 7 PID: 1402 Comm: iouring Not tainted 6.7.5-100.fc38.x86_64 #1\n[ 301.558772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebu4\n[ 301.559569] RIP: 0010:untrack_pfn+0xf4/0x100\n[ 301.559893] Code: 75 c4 eb cf 48 8b 43 10 8b a8 e8 00 00 00 3b 6b 28 74 b8 48 8b 7b 30 e8 ea 1a f7 000\n[ 301.561189] RSP: 0018:ffffba2c0377fab8 EFLAGS: 00010282\n[ 301.561590] RAX: 00000000ffffffea RBX: ffff9208c8ce9cc0 RCX: 000000010455e047\n[ 301.562105] RDX: 07fffffff0eb1e0a RSI: 0000000000000000 RDI: ffff9208c391d200\n[ 301.562628] RBP: 0000000000000000 R08: ffffba2c0377fab8 R09: 0000000000000000\n[ 301.563145] R10: ffff9208d2292d50 R11: 0000000000000002 R12: 00007fea890e0000\n[ 301.563669] R13: 0000000000000000 R14: ffffba2c0377fc08 R15: 0000000000000000\n[ 301.564186] FS: 0000000000000000(0000) GS:ffff920c2fbc0000(0000) knlGS:0000000000000000\n[ 301.564773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 301.565197] CR2: 00007fea88ee8a20 CR3: 00000001033a8000 CR4: 0000000000750ef0\n[ 301.565725] PKRU: 55555554\n[ 301.565944] Call Trace:\n[ 301.566148] \u003cTASK\u003e\n[ 301.566325] ? untrack_pfn+0xf4/0x100\n[ 301.566618] ? __warn+0x81/0x130\n[ 301.566876] ? untrack_pfn+0xf4/0x100\n[ 3\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35877",
"url": "https://www.suse.com/security/cve/CVE-2024-35877"
},
{
"category": "external",
"summary": "SUSE Bug 1224525 for CVE-2024-35877",
"url": "https://bugzilla.suse.com/1224525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: prevent NULL pointer dereference in vsnprintf()\n\nIn of_modalias(), we can get passed the str and len parameters which would\ncause a kernel oops in vsnprintf() since it only allows passing a NULL ptr\nwhen the length is also 0. Also, we need to filter out the negative values\nof the len parameter as these will result in a really huge buffer since\nsnprintf() takes size_t parameter while ours is ssize_t...\n\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35878",
"url": "https://www.suse.com/security/cve/CVE-2024-35878"
},
{
"category": "external",
"summary": "SUSE Bug 1224671 for CVE-2024-35878",
"url": "https://bugzilla.suse.com/1224671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35878"
},
{
"cve": "CVE-2024-35887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: fix use-after-free bugs caused by ax25_ds_del_timer\n\nWhen the ax25 device is detaching, the ax25_dev_device_down()\ncalls ax25_ds_del_timer() to cleanup the slave_timer. When\nthe timer handler is running, the ax25_ds_del_timer() that\ncalls del_timer() in it will return directly. As a result,\nthe use-after-free bugs could happen, one of the scenarios\nis shown below:\n\n (Thread 1) | (Thread 2)\n | ax25_ds_timeout()\nax25_dev_device_down() |\n ax25_ds_del_timer() |\n del_timer() |\n ax25_dev_put() //FREE |\n | ax25_dev-\u003e //USE\n\nIn order to mitigate bugs, when the device is detaching, use\ntimer_shutdown_sync() to stop the timer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35887",
"url": "https://www.suse.com/security/cve/CVE-2024-35887"
},
{
"category": "external",
"summary": "SUSE Bug 1224663 for CVE-2024-35887",
"url": "https://bugzilla.suse.com/1224663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35887"
},
{
"cve": "CVE-2024-35895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Prevent lock inversion deadlock in map delete elem\n\nsyzkaller started using corpuses where a BPF tracing program deletes\nelements from a sockmap/sockhash map. Because BPF tracing programs can be\ninvoked from any interrupt context, locks taken during a map_delete_elem\noperation must be hardirq-safe. Otherwise a deadlock due to lock inversion\nis possible, as reported by lockdep:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026htab-\u003ebuckets[i].lock);\n local_irq_disable();\n lock(\u0026host-\u003elock);\n lock(\u0026htab-\u003ebuckets[i].lock);\n \u003cInterrupt\u003e\n lock(\u0026host-\u003elock);\n\nLocks in sockmap are hardirq-unsafe by design. We expects elements to be\ndeleted from sockmap/sockhash only in task (normal) context with interrupts\nenabled, or in softirq context.\n\nDetect when map_delete_elem operation is invoked from a context which is\n_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an\nerror.\n\nNote that map updates are not affected by this issue. BPF verifier does not\nallow updating sockmap/sockhash from a BPF tracing program today.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35895",
"url": "https://www.suse.com/security/cve/CVE-2024-35895"
},
{
"category": "external",
"summary": "SUSE Bug 1224511 for CVE-2024-35895",
"url": "https://bugzilla.suse.com/1224511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix error cleanup path in nfsd_rename()\n\nCommit a8b0026847b8 (\"rename(): avoid a deadlock in the case of parents\nhaving no common ancestor\") added an error bail out path. However this\npath does not drop the remount protection that has been acquired. Fix\nthe cleanup path to properly drop the remount protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35914",
"url": "https://www.suse.com/security/cve/CVE-2024-35914"
},
{
"category": "external",
"summary": "SUSE Bug 1224482 for CVE-2024-35914",
"url": "https://bugzilla.suse.com/1224482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35914"
},
{
"cve": "CVE-2024-35932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: don\u0027t check if plane-\u003estate-\u003efb == state-\u003efb\n\nCurrently, when using non-blocking commits, we can see the following\nkernel warning:\n\n[ 110.908514] ------------[ cut here ]------------\n[ 110.908529] refcount_t: underflow; use-after-free.\n[ 110.908620] WARNING: CPU: 0 PID: 1866 at lib/refcount.c:87 refcount_dec_not_one+0xb8/0xc0\n[ 110.908664] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device cmac algif_hash aes_arm64 aes_generic algif_skcipher af_alg bnep hid_logitech_hidpp vc4 brcmfmac hci_uart btbcm brcmutil bluetooth snd_soc_hdmi_codec cfg80211 cec drm_display_helper drm_dma_helper drm_kms_helper snd_soc_core snd_compress snd_pcm_dmaengine fb_sys_fops sysimgblt syscopyarea sysfillrect raspberrypi_hwmon ecdh_generic ecc rfkill libaes i2c_bcm2835 binfmt_misc joydev snd_bcm2835(C) bcm2835_codec(C) bcm2835_isp(C) v4l2_mem2mem videobuf2_dma_contig snd_pcm bcm2835_v4l2(C) raspberrypi_gpiomem bcm2835_mmal_vchiq(C) videobuf2_v4l2 snd_timer videobuf2_vmalloc videobuf2_memops videobuf2_common snd videodev vc_sm_cma(C) mc hid_logitech_dj uio_pdrv_genirq uio i2c_dev drm fuse dm_mod drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 110.909086] CPU: 0 PID: 1866 Comm: kodi.bin Tainted: G C 6.1.66-v8+ #32\n[ 110.909104] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 110.909114] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 110.909132] pc : refcount_dec_not_one+0xb8/0xc0\n[ 110.909152] lr : refcount_dec_not_one+0xb4/0xc0\n[ 110.909170] sp : ffffffc00913b9c0\n[ 110.909177] x29: ffffffc00913b9c0 x28: 000000556969bbb0 x27: 000000556990df60\n[ 110.909205] x26: 0000000000000002 x25: 0000000000000004 x24: ffffff8004448480\n[ 110.909230] x23: ffffff800570b500 x22: ffffff802e03a7bc x21: ffffffecfca68c78\n[ 110.909257] x20: ffffff8002b42000 x19: ffffff802e03a600 x18: 0000000000000000\n[ 110.909283] x17: 0000000000000011 x16: ffffffffffffffff x15: 0000000000000004\n[ 110.909308] x14: 0000000000000fff x13: ffffffed577e47e0 x12: 0000000000000003\n[ 110.909333] x11: 0000000000000000 x10: 0000000000000027 x9 : c912d0d083728c00\n[ 110.909359] x8 : c912d0d083728c00 x7 : 65646e75203a745f x6 : 746e756f63666572\n[ 110.909384] x5 : ffffffed579f62ee x4 : ffffffed579eb01e x3 : 0000000000000000\n[ 110.909409] x2 : 0000000000000000 x1 : ffffffc00913b750 x0 : 0000000000000001\n[ 110.909434] Call trace:\n[ 110.909441] refcount_dec_not_one+0xb8/0xc0\n[ 110.909461] vc4_bo_dec_usecnt+0x4c/0x1b0 [vc4]\n[ 110.909903] vc4_cleanup_fb+0x44/0x50 [vc4]\n[ 110.910315] drm_atomic_helper_cleanup_planes+0x88/0xa4 [drm_kms_helper]\n[ 110.910669] vc4_atomic_commit_tail+0x390/0x9dc [vc4]\n[ 110.911079] commit_tail+0xb0/0x164 [drm_kms_helper]\n[ 110.911397] drm_atomic_helper_commit+0x1d0/0x1f0 [drm_kms_helper]\n[ 110.911716] drm_atomic_commit+0xb0/0xdc [drm]\n[ 110.912569] drm_mode_atomic_ioctl+0x348/0x4b8 [drm]\n[ 110.913330] drm_ioctl_kernel+0xec/0x15c [drm]\n[ 110.914091] drm_ioctl+0x24c/0x3b0 [drm]\n[ 110.914850] __arm64_sys_ioctl+0x9c/0xd4\n[ 110.914873] invoke_syscall+0x4c/0x114\n[ 110.914897] el0_svc_common+0xd0/0x118\n[ 110.914917] do_el0_svc+0x38/0xd0\n[ 110.914936] el0_svc+0x30/0x8c\n[ 110.914958] el0t_64_sync_handler+0x84/0xf0\n[ 110.914979] el0t_64_sync+0x18c/0x190\n[ 110.914996] ---[ end trace 0000000000000000 ]---\n\nThis happens because, although `prepare_fb` and `cleanup_fb` are\nperfectly balanced, we cannot guarantee consistency in the check\nplane-\u003estate-\u003efb == state-\u003efb. This means that sometimes we can increase\nthe refcount in `prepare_fb` and don\u0027t decrease it in `cleanup_fb`. The\nopposite can also be true.\n\nIn fact, the struct drm_plane .state shouldn\u0027t be accessed directly\nbut instead, the `drm_atomic_get_new_plane_state()` helper function should\nbe used. So, we could stick to this check, but using\n`drm_atomic_get_new_plane_state()`. But actually, this check is not re\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35932",
"url": "https://www.suse.com/security/cve/CVE-2024-35932"
},
{
"category": "external",
"summary": "SUSE Bug 1224650 for CVE-2024-35932",
"url": "https://bugzilla.suse.com/1224650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35932"
},
{
"cve": "CVE-2024-35935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: send: handle path ref underflow in header iterate_inode_ref()\n\nChange BUG_ON to proper error handling if building the path buffer\nfails. The pointers are not printed so we don\u0027t accidentally leak kernel\naddresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35935",
"url": "https://www.suse.com/security/cve/CVE-2024-35935"
},
{
"category": "external",
"summary": "SUSE Bug 1224645 for CVE-2024-35935",
"url": "https://bugzilla.suse.com/1224645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()\n\nThe unhandled case in btrfs_relocate_sys_chunks() loop is a corruption,\nas it could be caused only by two impossible conditions:\n\n- at first the search key is set up to look for a chunk tree item, with\n offset -1, this is an inexact search and the key-\u003eoffset will contain\n the correct offset upon a successful search, a valid chunk tree item\n cannot have an offset -1\n\n- after first successful search, the found_key corresponds to a chunk\n item, the offset is decremented by 1 before the next loop, it\u0027s\n impossible to find a chunk item there due to alignment and size\n constraints",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35936",
"url": "https://www.suse.com/security/cve/CVE-2024-35936"
},
{
"category": "external",
"summary": "SUSE Bug 1224644 for CVE-2024-35936",
"url": "https://bugzilla.suse.com/1224644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()\n\nSyzkaller hit \u0027WARNING in dg_dispatch_as_host\u0027 bug.\n\nmemcpy: detected field-spanning write (size 56) of single field \"\u0026dg_info-\u003emsg\"\nat drivers/misc/vmw_vmci/vmci_datagram.c:237 (size 24)\n\nWARNING: CPU: 0 PID: 1555 at drivers/misc/vmw_vmci/vmci_datagram.c:237\ndg_dispatch_as_host+0x88e/0xa60 drivers/misc/vmw_vmci/vmci_datagram.c:237\n\nSome code commentry, based on my understanding:\n\n544 #define VMCI_DG_SIZE(_dg) (VMCI_DG_HEADERSIZE + (size_t)(_dg)-\u003epayload_size)\n/// This is 24 + payload_size\n\nmemcpy(\u0026dg_info-\u003emsg, dg, dg_size);\n\tDestination = dg_info-\u003emsg ---\u003e this is a 24 byte\n\t\t\t\t\tstructure(struct vmci_datagram)\n\tSource = dg --\u003e this is a 24 byte structure (struct vmci_datagram)\n\tSize = dg_size = 24 + payload_size\n\n{payload_size = 56-24 =32} -- Syzkaller managed to set payload_size to 32.\n\n 35 struct delayed_datagram_info {\n 36 struct datagram_entry *entry;\n 37 struct work_struct work;\n 38 bool in_dg_host_queue;\n 39 /* msg and msg_payload must be together. */\n 40 struct vmci_datagram msg;\n 41 u8 msg_payload[];\n 42 };\n\nSo those extra bytes of payload are copied into msg_payload[], a run time\nwarning is seen while fuzzing with Syzkaller.\n\nOne possible way to fix the warning is to split the memcpy() into\ntwo parts -- one -- direct assignment of msg and second taking care of payload.\n\nGustavo quoted:\n\"Under FORTIFY_SOURCE we should not copy data across multiple members\nin a structure.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35944",
"url": "https://www.suse.com/security/cve/CVE-2024-35944"
},
{
"category": "external",
"summary": "SUSE Bug 1224648 for CVE-2024-35944",
"url": "https://bugzilla.suse.com/1224648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: Fix possible use-after-free issue on kprobe registration\n\nWhen unloading a module, its state is changing MODULE_STATE_LIVE -\u003e\n MODULE_STATE_GOING -\u003e MODULE_STATE_UNFORMED. Each change will take\na time. `is_module_text_address()` and `__module_text_address()`\nworks with MODULE_STATE_LIVE and MODULE_STATE_GOING.\nIf we use `is_module_text_address()` and `__module_text_address()`\nseparately, there is a chance that the first one is succeeded but the\nnext one is failed because module-\u003estate becomes MODULE_STATE_UNFORMED\nbetween those operations.\n\nIn `check_kprobe_address_safe()`, if the second `__module_text_address()`\nis failed, that is ignored because it expected a kernel_text address.\nBut it may have failed simply because module-\u003estate has been changed\nto MODULE_STATE_UNFORMED. In this case, arm_kprobe() will try to modify\nnon-exist module text address (use-after-free).\n\nTo fix this problem, we should not use separated `is_module_text_address()`\nand `__module_text_address()`, but use only `__module_text_address()`\nonce and do `try_module_get(module)` which is only available with\nMODULE_STATE_LIVE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35955",
"url": "https://www.suse.com/security/cve/CVE-2024-35955"
},
{
"category": "external",
"summary": "SUSE Bug 1224676 for CVE-2024-35955",
"url": "https://bugzilla.suse.com/1224676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr\n\nAlthough ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it\nstill means hlist_for_each_entry_rcu can return an item that got removed\nfrom the list. The memory itself of such item is not freed thanks to RCU\nbut nothing guarantees the actual content of the memory is sane.\n\nIn particular, the reference count can be zero. This can happen if\nipv6_del_addr is called in parallel. ipv6_del_addr removes the entry\nfrom inet6_addr_lst (hlist_del_init_rcu(\u0026ifp-\u003eaddr_lst)) and drops all\nreferences (__in6_ifa_put(ifp) + in6_ifa_put(ifp)). With bad enough\ntiming, this can happen:\n\n1. In ipv6_get_ifaddr, hlist_for_each_entry_rcu returns an entry.\n\n2. Then, the whole ipv6_del_addr is executed for the given entry. The\n reference count drops to zero and kfree_rcu is scheduled.\n\n3. ipv6_get_ifaddr continues and tries to increments the reference count\n (in6_ifa_hold).\n\n4. The rcu is unlocked and the entry is freed.\n\n5. The freed entry is returned.\n\nPrevent increasing of the reference count in such case. The name\nin6_ifa_hold_safe is chosen to mimic the existing fib6_info_hold_safe.\n\n[ 41.506330] refcount_t: addition on 0; use-after-free.\n[ 41.506760] WARNING: CPU: 0 PID: 595 at lib/refcount.c:25 refcount_warn_saturate+0xa5/0x130\n[ 41.507413] Modules linked in: veth bridge stp llc\n[ 41.507821] CPU: 0 PID: 595 Comm: python3 Not tainted 6.9.0-rc2.main-00208-g49563be82afa #14\n[ 41.508479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n[ 41.509163] RIP: 0010:refcount_warn_saturate+0xa5/0x130\n[ 41.509586] Code: ad ff 90 0f 0b 90 90 c3 cc cc cc cc 80 3d c0 30 ad 01 00 75 a0 c6 05 b7 30 ad 01 01 90 48 c7 c7 38 cc 7a 8c e8 cc 18 ad ff 90 \u003c0f\u003e 0b 90 90 c3 cc cc cc cc 80 3d 98 30 ad 01 00 0f 85 75 ff ff ff\n[ 41.510956] RSP: 0018:ffffbda3c026baf0 EFLAGS: 00010282\n[ 41.511368] RAX: 0000000000000000 RBX: ffff9e9c46914800 RCX: 0000000000000000\n[ 41.511910] RDX: ffff9e9c7ec29c00 RSI: ffff9e9c7ec1c900 RDI: ffff9e9c7ec1c900\n[ 41.512445] RBP: ffff9e9c43660c9c R08: 0000000000009ffb R09: 00000000ffffdfff\n[ 41.512998] R10: 00000000ffffdfff R11: ffffffff8ca58a40 R12: ffff9e9c4339a000\n[ 41.513534] R13: 0000000000000001 R14: ffff9e9c438a0000 R15: ffffbda3c026bb48\n[ 41.514086] FS: 00007fbc4cda1740(0000) GS:ffff9e9c7ec00000(0000) knlGS:0000000000000000\n[ 41.514726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 41.515176] CR2: 000056233b337d88 CR3: 000000000376e006 CR4: 0000000000370ef0\n[ 41.515713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 41.516252] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 41.516799] Call Trace:\n[ 41.517037] \u003cTASK\u003e\n[ 41.517249] ? __warn+0x7b/0x120\n[ 41.517535] ? refcount_warn_saturate+0xa5/0x130\n[ 41.517923] ? report_bug+0x164/0x190\n[ 41.518240] ? handle_bug+0x3d/0x70\n[ 41.518541] ? exc_invalid_op+0x17/0x70\n[ 41.520972] ? asm_exc_invalid_op+0x1a/0x20\n[ 41.521325] ? refcount_warn_saturate+0xa5/0x130\n[ 41.521708] ipv6_get_ifaddr+0xda/0xe0\n[ 41.522035] inet6_rtm_getaddr+0x342/0x3f0\n[ 41.522376] ? __pfx_inet6_rtm_getaddr+0x10/0x10\n[ 41.522758] rtnetlink_rcv_msg+0x334/0x3d0\n[ 41.523102] ? netlink_unicast+0x30f/0x390\n[ 41.523445] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n[ 41.523832] netlink_rcv_skb+0x53/0x100\n[ 41.524157] netlink_unicast+0x23b/0x390\n[ 41.524484] netlink_sendmsg+0x1f2/0x440\n[ 41.524826] __sys_sendto+0x1d8/0x1f0\n[ 41.525145] __x64_sys_sendto+0x1f/0x30\n[ 41.525467] do_syscall_64+0xa5/0x1b0\n[ 41.525794] entry_SYSCALL_64_after_hwframe+0x72/0x7a\n[ 41.526213] RIP: 0033:0x7fbc4cfcea9a\n[ 41.526528] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89\n[ 41.527942] RSP: 002b:00007f\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35969",
"url": "https://www.suse.com/security/cve/CVE-2024-35969"
},
{
"category": "external",
"summary": "SUSE Bug 1224580 for CVE-2024-35969",
"url": "https://bugzilla.suse.com/1224580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Avoid infinite loop trying to resize local TT\n\nIf the MTU of one of an attached interface becomes too small to transmit\nthe local translation table then it must be resized to fit inside all\nfragments (when enabled) or a single packet.\n\nBut if the MTU becomes too low to transmit even the header + the VLAN\nspecific part then the resizing of the local TT will never succeed. This\ncan for example happen when the usable space is 110 bytes and 11 VLANs are\non top of batman-adv. In this case, at least 116 byte would be needed.\nThere will just be an endless spam of\n\n batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110)\n\nin the log but the function will never finish. Problem here is that the\ntimeout will be halved all the time and will then stagnate at 0 and\ntherefore never be able to reduce the table even more.\n\nThere are other scenarios possible with a similar result. The number of\nBATADV_TT_CLIENT_NOPURGE entries in the local TT can for example be too\nhigh to fit inside a packet. Such a scenario can therefore happen also with\nonly a single VLAN + 7 non-purgable addresses - requiring at least 120\nbytes.\n\nWhile this should be handled proactively when:\n\n* interface with too low MTU is added\n* VLAN is added\n* non-purgeable local mac is added\n* MTU of an attached interface is reduced\n* fragmentation setting gets disabled (which most likely requires dropping\n attached interfaces)\n\nnot all of these scenarios can be prevented because batman-adv is only\nconsuming events without the the possibility to prevent these actions\n(non-purgable MAC address added, MTU of an attached interface is reduced).\nIt is therefore necessary to also make sure that the code is able to handle\nalso the situations when there were already incompatible system\nconfiguration are present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35982",
"url": "https://www.suse.com/security/cve/CVE-2024-35982"
},
{
"category": "external",
"summary": "SUSE Bug 1224566 for CVE-2024-35982",
"url": "https://bugzilla.suse.com/1224566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-35984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: smbus: fix NULL function pointer dereference\n\nBaruch reported an OOPS when using the designware controller as target\nonly. Target-only modes break the assumption of one transfer function\nalways being available. Fix this by always checking the pointer in\n__i2c_transfer.\n\n[wsa: dropped the simplification in core-smbus to avoid theoretical regressions]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35984",
"url": "https://www.suse.com/security/cve/CVE-2024-35984"
},
{
"category": "external",
"summary": "SUSE Bug 1224567 for CVE-2024-35984",
"url": "https://bugzilla.suse.com/1224567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-35984"
},
{
"cve": "CVE-2024-36015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppdev: Add an error check in register_device\n\nIn register_device, the return value of ida_simple_get is unchecked,\nin witch ida_simple_get will use an invalid index value.\n\nTo address this issue, index should be checked after ida_simple_get. When\nthe index value is abnormal, a warning message should be printed, the port\nshould be dropped, and the value should be recorded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36015",
"url": "https://www.suse.com/security/cve/CVE-2024-36015"
},
{
"category": "external",
"summary": "SUSE Bug 1225640 for CVE-2024-36015",
"url": "https://bugzilla.suse.com/1225640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-36015"
},
{
"cve": "CVE-2024-36029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-msm: pervent access to suspended controller\n\nGeneric sdhci code registers LED device and uses host-\u003eruntime_suspended\nflag to protect access to it. The sdhci-msm driver doesn\u0027t set this flag,\nwhich causes a crash when LED is accessed while controller is runtime\nsuspended. Fix this by setting the flag correctly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36029",
"url": "https://www.suse.com/security/cve/CVE-2024-36029"
},
{
"category": "external",
"summary": "SUSE Bug 1225708 for CVE-2024-36029",
"url": "https://bugzilla.suse.com/1225708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-36029"
},
{
"cve": "CVE-2024-36954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36954",
"url": "https://www.suse.com/security/cve/CVE-2024-36954"
},
{
"category": "external",
"summary": "SUSE Bug 1225764 for CVE-2024-36954",
"url": "https://bugzilla.suse.com/1225764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.188.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.188.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.188.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-11T10:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-36954"
}
]
}
suse-su-2024:2184-1
Vulnerability from csaf_suse
Published
2024-06-24 18:34
Modified
2024-06-24 18:34
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).
- CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).
- CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
- CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
- CVE-2021-47206: Check return value after calling platform_get_resource() (bsc#1222894).
- CVE-2021-47238: Fixed memory leak in ip_mc_add1_src (bsc#1224847)
- CVE-2021-47245: Fixed out of bounds when parsing TCP options (bsc#1224838)
- CVE-2021-47246: Fixed page reclaim for dead peer hairpin (CVE-2021-47246 bsc#1224831).
- CVE-2021-47249: Fixed memory leak in rds_recvmsg (bsc#1224880)
- CVE-2021-47250: Fixed memory leak in netlbl_cipsov4_add_std (bsc#1224827)
- CVE-2021-47265: Verify port when creating flow rule (bsc#1224957)
- CVE-2021-47277: Avoid speculation-based attacks from out-of-range memslot accesses (bsc#1224960).
- CVE-2021-47281: Fixed race of snd_seq_timer_open() (bsc#1224983).
- CVE-2021-47334: Fixed two use after free in ibmasm_init_one (bsc#1225112).
- CVE-2021-47352: Add validation for used length (bsc#1225124).
- CVE-2021-47355: Fixed possible use-after-free in nicstar_cleanup() (bsc#1225141).
- CVE-2021-47357: Fixed possible use-after-free in ia_module_exit() (bsc#1225144).
- CVE-2021-47361: Fixed error handling in mcb_alloc_bus() (bsc#1225151).
- CVE-2021-47362: Update intermediate power state for SI (bsc#1225153).
- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).
- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225208).
- CVE-2021-47397: Break out if skb_header_pointer returns NULL in sctp_rcv_ootb (bsc#1225082)
- CVE-2021-47401: Fixed stack information leak (bsc#1225242).
- CVE-2021-47423: Fixed file release memory leak (bsc#1225366).
- CVE-2021-47431: Fixed gart.bo pin_count leak (bsc#1225390).
- CVE-2021-47469: Add SPI fix commit to be ignored (bsc#1225347)
- CVE-2021-47483: Fixed possible double-free in regcache_rbtree_exit() (bsc#1224907).
- CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)
- CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).
- CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).
- CVE-2021-47509: Limit the period size to 16MB (bsc#1225409).
- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
- CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506)
- CVE-2022-48672: Fixed off-by-one error in unflatten_dt_nodes() (CVE-2022-48672 bsc#1223931).
- CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1223948).
- CVE-2022-48697: Fixed a use-after-free (bsc#1223922).
- CVE-2022-48702: Fixed out of bounds access in snd_emu10k1_pcm_channel_alloc() (bsc#1223923).
- CVE-2022-48704: Add a force flush to delay work when radeon (bsc#1223932)
- CVE-2022-48708: Fixed potential NULL dereference (bsc#1224942).
- CVE-2022-48710: Fixed a possible null pointer dereference (bsc#1225230).
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
- CVE-2023-42755: Check user supplied offsets (bsc#1215702).
- CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).
- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
- CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).
- CVE-2023-52691: Fixed a double-free in si_dpm_init (bsc#1224607).
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)
- CVE-2023-52730: Fixed possible resource leaks in some error paths (bsc#1224956).
- CVE-2023-52732: Blocklist the kclient when receiving corrupted snap trace (bsc#1225222).
- CVE-2023-52747: Restore allocated resources on failed copyout (bsc#1224931)
- CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).
- CVE-2023-52821: Fixed a possible null pointer dereference (bsc#1225022).
- CVE-2023-52864: Fixed opening of char device (bsc#1225132).
- CVE-2023-52865: Add check for mtk_alloc_clk_data (bsc#1225086).
- CVE-2023-52867: Fixed possible buffer overflow (bsc#1225009).
- CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-26846: Do not wait in vain when unloading module (bsc#1223023).
- CVE-2024-26874: Fixed a null pointer crash in (bsc#1223048)
- CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119).
- CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046).
- CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-26957: Fixed reference counting on zcrypt card objects (bsc#1223666).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2024-26984: Fixed instmem race condition around ptr stores (bsc#1223633)
- CVE-2024-26996: Fixed UAF ncm object at re-bind after usb ep transport error (bsc#1223752).
- CVE-2024-27008: Fixed out of bounds access (CVE-2024-27008 bsc#1223802).
- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)
- CVE-2024-27436: Stop parsing channels bits when all channels are found (bsc#1224803).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725).
- CVE-2024-35809: Drain runtime-idle callbacks before driver removal (bsc#1224738).
- CVE-2024-35830: Register v4l2 async device only after successful setup (bsc#1224680).
- CVE-2024-35849: Fixed information leak in btrfs_ioctl_logical_to_ino() (bsc#1224733).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).
- CVE-2024-35887: Fixed use-after-free bugs caused by ax25_ds_del_timer (bsc#1224663)
- CVE-2024-35932: Do not check if plane->state->fb == state->fb (bsc#1224650).
- CVE-2024-35935: Handle path ref underflow in header iterate_inode_ref() (bsc#1224645)
- CVE-2024-35936: Add missing mutex_unlock in btrfs_relocate_sys_chunks() (bsc#1224644)
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2024-35982: Avoid infinite loop trying to resize local TT (bsc#1224566)
- CVE-2024-36029: Prevent access to suspended controller (bsc#1225708)
The following non-security bugs were fixed:
- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- assoc_array: Fix BUG_ON during garbage collect.
- autofs: fix a leak in autofs_expire_indirect() (git-fixes)
- Bluetooth: btusb: Some Qualcomm Bluetooth adapters stop working (git-fixes).
- btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit (git-fixes)
- btrfs: check if root is readonly while setting security xattr (git-fixes)
- btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (git-fixes)
- btrfs: do not get an EINTR during drop_snapshot for reloc (git-fixes)
- btrfs: do not stop integrity writeback too early (git-fixes)
- btrfs: Explicitly handle btrfs_update_root failure (git-fixes)
- btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP (git-fixes)
- btrfs: fix btrfs_prev_leaf() to not return the same key twice (git-fixes)
- btrfs: fix deadlock when writing out space cache (git-fixes)
- Btrfs: fix incorrect {node,sector}size endianness from BTRFS_IOC_FS_INFO (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix lost error handling when looking up extended ref on log replay (git-fixes)
- btrfs: Fix NULL pointer exception in find_bio_stripe (git-fixes)
- btrfs: Fix out of bounds access in btrfs_search_slot (git-fixes)
- btrfs: fix race when deleting quota root from the dirty cow roots list (git-fixes)
- btrfs: fix range_end calculation in extent_write_locked_range (git-fixes)
- btrfs: fix return value mixup in btrfs_get_extent (git-fixes)
- btrfs: fix unaligned access in readdir (git-fixes)
- btrfs: limit device extents to the device size (git-fixes)
- btrfs: prevent to set invalid default subvolid (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: scrub: reject unsupported scrub flags (git-fixes)
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: in case of IO error log it (git-fixes)
- btrfs: send: limit number of clones and allocated memory size (git-fixes)
- btrfs: sysfs: use NOFS for device creation (git-fixes) Adjustment: add #include
- btrfs: tree-checker: add missing return after error in root_item (git-fixes)
- btrfs: tree-checker: add missing returns after data_ref alignment checks (git-fixes)
- btrfs: tree-checker: do not error out if extent ref hash does not match (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: tree-checker: Fix misleading group system information (git-fixes)
- btrfs: undo writable superblocke when sprouting fails (git-fixes)
- btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl (git-fixes)
- ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() (git-fixes)
- ecryptfs: fix a memory leak bug in parse_tag_1_packet() (git-fixes)
- ecryptfs: fix kernel panic with null dev_name (git-fixes)
- ecryptfs: Fix typo in message (git-fixes)
- ep_create_wakeup_source(): dentry name can change under you (git-fixes)
- exportfs_decode_fh(): negative pinned may become positive without the parent locked (git-fixes)
- fscrypt: clean up some BUG_ON()s in block encryption/decryption (git-fixes)
- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes (git-fixes)
- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (git-fixes).
- ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1225059).
- l2tp: pass correct message length to ip6_append_data (git-fixes).
- lib/mpi: use kcalloc in mpi_resize (git-fixes).
- list: fix a data-race around ep->rdllist (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- mass-cve: Add convenience KBUILD_USER environment variable
- mass-cve: Always use bash in Makefile Some constrcts are just too convenient to leave them in favor of POSIX'd /bin/sh. Switch to explicit bash.
- mass-cve: Fail early without data files curl >$@ would create/update the file even if download fails. Use explicit argument to prevent continuation with empty cve2bugzilla file.
- mass-cve: Fix update detection with packed-refs Per-branch files are thing of the past, git may non-deterministically pack the ref files. Therefore use the timestamp of the whole packed-ref file (better false positive detection of update than breakage or false negative). Add unified approach to read packed-refs regardless of KSOURCE_GIT worktree or not.
- mass-cve: Make BRANCH mandatory
- mass-cve: Use dedicated worktree for reference updates So that any checkout in KSOURCE_GIT is not changed.
- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).
- netfilter: nf_queue: augment nfqa_cfg_policy (git-fixes).
- netfilter: nft_compat: explicitly reject ERROR and standard target (git-fixes).
- netfilter: x_tables: set module owner for icmp(6) matches (git-fixes).
- net/smc: fix fallback failed while sendmsg with fastopen (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net/tls: Remove the context from the list in tls_device_down (bsc#1221545).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).
- nfc: change order inside nfc_se_io error path (git-fixes).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- ppdev: Add an error check in register_device (git-fixes).
- printk: Disable passing console lock owner completely during panic() (bsc#1197894).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1223969).
- rds: avoid unenecessary cong_update in loop transport (git-fixes).
- rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp (git-fixes).
- ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (bsc#1222893).
- rxrpc: Do not put crypto buffers on the stack (git-fixes).
- rxrpc: Fix a memory leak in rxkad_verify_response() (git-fixes).
- rxrpc: Provide a different lockdep key for call->user_mutex for kernel calls (git-fixes).
- rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing (git-fixes).
- rxrpc: Work around usercopy check (git-fixes).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224347).
- s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1225062).
- scripts/check-kernel-fix: add -F parameter
- scripts/check-kernel-fix: avoid rechecking child branches when parents are OK Topological sorted dependency tree allows to optimize check-kernel-fixe in cases where parent already has the fix. There is not reason to check branches which merge from that branch as they will get the fix eventually.
- scripts/check-kernel-fix: print a message when no action is needed. Script exits without printing anything about the actions necessary in non-verbose mode. This can be confusing to a beginner user.
- scripts/common-functions: for_each_build_branch traverse branches in dependency topo sorted list
- scripts/common-functions: There are cases where Fixes tag is incorrect. Example would be bsc1223062 comment 3.
- scripts/cve_tools: Update README Issue was fixed in ad3235427c3
- scripts/git_sort/git_sort.py: add rafael/linux-pm.git#linux-next to remotes
- scripts/log2: Fix References: update detection The following change -REferences: git-fixes +REferences: git-fixes bsc#123456 (note the typo in E) will not be detected as a reference update and generates a commit message like
- scripts/PMU: Always use 12 digits for abbreviated hash references Kernel developers tend to use 12 digits for abbreviated hash references as this is mandatory for upstream work. Enforce this count in PMU for consistency.
- tcp: tcp_make_synack() can be called from process context (git-fixes).
- tls: Fix context leak on tls_device_down (bsc#1221545).
- tracing: Fix blocked reader of snapshot buffer (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tracing: Use strncpy instead of memcpy when copying comm in trace.c (git-fixes).
- tty/sysrq: replace smp_processor_id() with get_cpu() (bsc#1223540).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- wifi: cfg80211: avoid leaking stack data into trace (git-fixes).
- wifi: radiotap: fix kernel-doc notation warnings (git-fixes).
Patchnames
SUSE-2024-2184,SUSE-SLE-HA-12-SP5-2024-2184,SUSE-SLE-Live-Patching-12-SP5-2024-2184,SUSE-SLE-SDK-12-SP5-2024-2184,SUSE-SLE-SERVER-12-SP5-2024-2184,SUSE-SLE-WE-12-SP5-2024-2184
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).\n- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).\n- CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).\n- CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).\n- CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).\n- CVE-2021-47206: Check return value after calling platform_get_resource() (bsc#1222894).\n- CVE-2021-47238: Fixed memory leak in ip_mc_add1_src (bsc#1224847)\n- CVE-2021-47245: Fixed out of bounds when parsing TCP options (bsc#1224838)\n- CVE-2021-47246: Fixed page reclaim for dead peer hairpin (CVE-2021-47246 bsc#1224831).\n- CVE-2021-47249: Fixed memory leak in rds_recvmsg (bsc#1224880)\n- CVE-2021-47250: Fixed memory leak in netlbl_cipsov4_add_std (bsc#1224827)\n- CVE-2021-47265: Verify port when creating flow rule (bsc#1224957)\n- CVE-2021-47277: Avoid speculation-based attacks from out-of-range memslot accesses (bsc#1224960).\n- CVE-2021-47281: Fixed race of snd_seq_timer_open() (bsc#1224983).\n- CVE-2021-47334: Fixed two use after free in ibmasm_init_one (bsc#1225112).\n- CVE-2021-47352: Add validation for used length (bsc#1225124).\n- CVE-2021-47355: Fixed possible use-after-free in nicstar_cleanup() (bsc#1225141).\n- CVE-2021-47357: Fixed possible use-after-free in ia_module_exit() (bsc#1225144).\n- CVE-2021-47361: Fixed error handling in mcb_alloc_bus() (bsc#1225151).\n- CVE-2021-47362: Update intermediate power state for SI (bsc#1225153).\n- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).\n- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225208).\n- CVE-2021-47397: Break out if skb_header_pointer returns NULL in sctp_rcv_ootb (bsc#1225082)\n- CVE-2021-47401: Fixed stack information leak (bsc#1225242).\n- CVE-2021-47423: Fixed file release memory leak (bsc#1225366).\n- CVE-2021-47431: Fixed gart.bo pin_count leak (bsc#1225390).\n- CVE-2021-47469: Add SPI fix commit to be ignored (bsc#1225347)\n- CVE-2021-47483: Fixed possible double-free in regcache_rbtree_exit() (bsc#1224907).\n- CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)\n- CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).\n- CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).\n- CVE-2021-47509: Limit the period size to 16MB (bsc#1225409).\n- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).\n- CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506)\n- CVE-2022-48672: Fixed off-by-one error in unflatten_dt_nodes() (CVE-2022-48672 bsc#1223931).\n- CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1223948).\n- CVE-2022-48697: Fixed a use-after-free (bsc#1223922). \n- CVE-2022-48702: Fixed out of bounds access in snd_emu10k1_pcm_channel_alloc() (bsc#1223923).\n- CVE-2022-48704: Add a force flush to delay work when radeon (bsc#1223932)\n- CVE-2022-48708: Fixed potential NULL dereference (bsc#1224942).\n- CVE-2022-48710: Fixed a possible null pointer dereference (bsc#1225230).\n- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).\n- CVE-2023-42755: Check user supplied offsets (bsc#1215702).\n- CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).\n- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).\n- CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).\n- CVE-2023-52691: Fixed a double-free in si_dpm_init (bsc#1224607).\n- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)\n- CVE-2023-52730: Fixed possible resource leaks in some error paths (bsc#1224956).\n- CVE-2023-52732: Blocklist the kclient when receiving corrupted snap trace (bsc#1225222).\n- CVE-2023-52747: Restore allocated resources on failed copyout (bsc#1224931)\n- CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).\n- CVE-2023-52821: Fixed a possible null pointer dereference (bsc#1225022).\n- CVE-2023-52864: Fixed opening of char device (bsc#1225132).\n- CVE-2023-52865: Add check for mtk_alloc_clk_data (bsc#1225086).\n- CVE-2023-52867: Fixed possible buffer overflow (bsc#1225009).\n- CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).\n- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).\n- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)\n- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).\n- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).\n- CVE-2024-26846: Do not wait in vain when unloading module (bsc#1223023).\n- CVE-2024-26874: Fixed a null pointer crash in (bsc#1223048)\n- CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119).\n- CVE-2024-26900: Fixed kmemleak of rdev-\u003eserial (bsc#1223046).\n- CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)\n- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).\n- CVE-2024-26957: Fixed reference counting on zcrypt card objects (bsc#1223666).\n- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).\n- CVE-2024-26984: Fixed instmem race condition around ptr stores (bsc#1223633)\n- CVE-2024-26996: Fixed UAF ncm object at re-bind after usb ep transport error (bsc#1223752).\n- CVE-2024-27008: Fixed out of bounds access (CVE-2024-27008 bsc#1223802).\n- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).\n- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).\n- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).\n- CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)\n- CVE-2024-27436: Stop parsing channels bits when all channels are found (bsc#1224803).\n- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).\n- CVE-2024-35791: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region() (bsc#1224725).\n- CVE-2024-35809: Drain runtime-idle callbacks before driver removal (bsc#1224738).\n- CVE-2024-35830: Register v4l2 async device only after successful setup (bsc#1224680).\n- CVE-2024-35849: Fixed information leak in btrfs_ioctl_logical_to_ino() (bsc#1224733).\n- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).\n- CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).\n- CVE-2024-35887: Fixed use-after-free bugs caused by ax25_ds_del_timer (bsc#1224663)\n- CVE-2024-35932: Do not check if plane-\u003estate-\u003efb == state-\u003efb (bsc#1224650).\n- CVE-2024-35935: Handle path ref underflow in header iterate_inode_ref() (bsc#1224645)\n- CVE-2024-35936: Add missing mutex_unlock in btrfs_relocate_sys_chunks() (bsc#1224644)\n- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).\n- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).\n- CVE-2024-35982: Avoid infinite loop trying to resize local TT (bsc#1224566)\n- CVE-2024-36029: Prevent access to suspended controller (bsc#1225708)\n\nThe following non-security bugs were fixed:\n\n- af_unix: annote lockless accesses to unix_tot_inflight \u0026 gc_in_progress (bsc#1223384).\n- af_unix: Do not use atomic ops for unix_sk(sk)-\u003einflight (bsc#1223384).\n- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).\n- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).\n- assoc_array: Fix BUG_ON during garbage collect.\n- autofs: fix a leak in autofs_expire_indirect() (git-fixes)\n- Bluetooth: btusb: Some Qualcomm Bluetooth adapters stop working (git-fixes).\n- btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit (git-fixes)\n- btrfs: check if root is readonly while setting security xattr (git-fixes)\n- btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (git-fixes)\n- btrfs: do not get an EINTR during drop_snapshot for reloc (git-fixes)\n- btrfs: do not stop integrity writeback too early (git-fixes)\n- btrfs: Explicitly handle btrfs_update_root failure (git-fixes)\n- btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP (git-fixes)\n- btrfs: fix btrfs_prev_leaf() to not return the same key twice (git-fixes)\n- btrfs: fix deadlock when writing out space cache (git-fixes)\n- Btrfs: fix incorrect {node,sector}size endianness from BTRFS_IOC_FS_INFO (git-fixes)\n- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)\n- btrfs: fix lost error handling when looking up extended ref on log replay (git-fixes)\n- btrfs: Fix NULL pointer exception in find_bio_stripe (git-fixes)\n- btrfs: Fix out of bounds access in btrfs_search_slot (git-fixes)\n- btrfs: fix race when deleting quota root from the dirty cow roots list (git-fixes)\n- btrfs: fix range_end calculation in extent_write_locked_range (git-fixes)\n- btrfs: fix return value mixup in btrfs_get_extent (git-fixes)\n- btrfs: fix unaligned access in readdir (git-fixes)\n- btrfs: limit device extents to the device size (git-fixes)\n- btrfs: prevent to set invalid default subvolid (git-fixes)\n- btrfs: record delayed inode root in transaction (git-fixes)\n- btrfs: scrub: reject unsupported scrub flags (git-fixes)\n- btrfs: send: ensure send_fd is writable (git-fixes)\n- btrfs: send: in case of IO error log it (git-fixes)\n- btrfs: send: limit number of clones and allocated memory size (git-fixes)\n- btrfs: sysfs: use NOFS for device creation (git-fixes) Adjustment: add #include\n- btrfs: tree-checker: add missing return after error in root_item (git-fixes)\n- btrfs: tree-checker: add missing returns after data_ref alignment checks (git-fixes)\n- btrfs: tree-checker: do not error out if extent ref hash does not match (git-fixes)\n- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)\n- btrfs: tree-checker: Fix misleading group system information (git-fixes)\n- btrfs: undo writable superblocke when sprouting fails (git-fixes)\n- btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl (git-fixes)\n- ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() (git-fixes)\n- ecryptfs: fix a memory leak bug in parse_tag_1_packet() (git-fixes)\n- ecryptfs: fix kernel panic with null dev_name (git-fixes)\n- ecryptfs: Fix typo in message (git-fixes)\n- ep_create_wakeup_source(): dentry name can change under you (git-fixes)\n- exportfs_decode_fh(): negative pinned may become positive without the parent locked (git-fixes)\n- fscrypt: clean up some BUG_ON()s in block encryption/decryption (git-fixes)\n- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes (git-fixes)\n- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (git-fixes).\n- ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (git-fixes).\n- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).\n- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1225059).\n- l2tp: pass correct message length to ip6_append_data (git-fixes).\n- lib/mpi: use kcalloc in mpi_resize (git-fixes).\n- list: fix a data-race around ep-\u003erdllist (git-fixes).\n- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).\n- mass-cve: Add convenience KBUILD_USER environment variable\n- mass-cve: Always use bash in Makefile Some constrcts are just too convenient to leave them in favor of POSIX\u0027d /bin/sh. Switch to explicit bash.\n- mass-cve: Fail early without data files curl \u003e$@ would create/update the file even if download fails. Use explicit argument to prevent continuation with empty cve2bugzilla file.\n- mass-cve: Fix update detection with packed-refs Per-branch files are thing of the past, git may non-deterministically pack the ref files. Therefore use the timestamp of the whole packed-ref file (better false positive detection of update than breakage or false negative). Add unified approach to read packed-refs regardless of KSOURCE_GIT worktree or not.\n- mass-cve: Make BRANCH mandatory\n- mass-cve: Use dedicated worktree for reference updates So that any checkout in KSOURCE_GIT is not changed.\n- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).\n- netfilter: nf_queue: augment nfqa_cfg_policy (git-fixes).\n- netfilter: nft_compat: explicitly reject ERROR and standard target (git-fixes).\n- netfilter: x_tables: set module owner for icmp(6) matches (git-fixes).\n- net/smc: fix fallback failed while sendmsg with fastopen (git-fixes).\n- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).\n- net/tls: Remove the context from the list in tls_device_down (bsc#1221545).\n- net: usb: ax88179_178a: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: smsc95xx: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: sr9700: stop lying about skb-\u003etruesize (git-fixes).\n- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).\n- nfc: change order inside nfc_se_io error path (git-fixes).\n- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).\n- ppdev: Add an error check in register_device (git-fixes).\n- printk: Disable passing console lock owner completely during panic() (bsc#1197894).\n- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1223969).\n- rds: avoid unenecessary cong_update in loop transport (git-fixes).\n- rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp (git-fixes).\n- ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).\n- ring-buffer: Fix a race between readers and resize checks (bsc#1222893).\n- rxrpc: Do not put crypto buffers on the stack (git-fixes).\n- rxrpc: Fix a memory leak in rxkad_verify_response() (git-fixes).\n- rxrpc: Provide a different lockdep key for call-\u003euser_mutex for kernel calls (git-fixes).\n- rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing (git-fixes).\n- rxrpc: Work around usercopy check (git-fixes).\n- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224347).\n- s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1225062).\n- scripts/check-kernel-fix: add -F parameter\n- scripts/check-kernel-fix: avoid rechecking child branches when parents are OK Topological sorted dependency tree allows to optimize check-kernel-fixe in cases where parent already has the fix. There is not reason to check branches which merge from that branch as they will get the fix eventually.\n- scripts/check-kernel-fix: print a message when no action is needed. Script exits without printing anything about the actions necessary in non-verbose mode. This can be confusing to a beginner user.\n- scripts/common-functions: for_each_build_branch traverse branches in dependency topo sorted list\n- scripts/common-functions: There are cases where Fixes tag is incorrect. Example would be bsc1223062 comment 3.\n- scripts/cve_tools: Update README Issue was fixed in ad3235427c3\n- scripts/git_sort/git_sort.py: add rafael/linux-pm.git#linux-next to remotes\n- scripts/log2: Fix References: update detection The following change -REferences: git-fixes +REferences: git-fixes bsc#123456 (note the typo in E) will not be detected as a reference update and generates a commit message like \n- scripts/PMU: Always use 12 digits for abbreviated hash references Kernel developers tend to use 12 digits for abbreviated hash references as this is mandatory for upstream work. Enforce this count in PMU for consistency.\n- tcp: tcp_make_synack() can be called from process context (git-fixes).\n- tls: Fix context leak on tls_device_down (bsc#1221545).\n- tracing: Fix blocked reader of snapshot buffer (git-fixes).\n- tracing: hide unused ftrace_event_id_fops (git-fixes).\n- tracing: Use .flush() call to wake up readers (git-fixes).\n- tracing: Use strncpy instead of memcpy when copying comm in trace.c (git-fixes).\n- tty/sysrq: replace smp_processor_id() with get_cpu() (bsc#1223540).\n- usb: aqc111: stop lying about skb-\u003etruesize (git-fixes).\n- wifi: cfg80211: avoid leaking stack data into trace (git-fixes).\n- wifi: radiotap: fix kernel-doc notation warnings (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2184,SUSE-SLE-HA-12-SP5-2024-2184,SUSE-SLE-Live-Patching-12-SP5-2024-2184,SUSE-SLE-SDK-12-SP5-2024-2184,SUSE-SLE-SERVER-12-SP5-2024-2184,SUSE-SLE-WE-12-SP5-2024-2184",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2184-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2184-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242184-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2184-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-June/035716.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1101816",
"url": "https://bugzilla.suse.com/1101816"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1181674",
"url": "https://bugzilla.suse.com/1181674"
},
{
"category": "self",
"summary": "SUSE Bug 1185902",
"url": "https://bugzilla.suse.com/1185902"
},
{
"category": "self",
"summary": "SUSE Bug 1187716",
"url": "https://bugzilla.suse.com/1187716"
},
{
"category": "self",
"summary": "SUSE Bug 1188616",
"url": "https://bugzilla.suse.com/1188616"
},
{
"category": "self",
"summary": "SUSE Bug 1190317",
"url": "https://bugzilla.suse.com/1190317"
},
{
"category": "self",
"summary": "SUSE Bug 1190795",
"url": "https://bugzilla.suse.com/1190795"
},
{
"category": "self",
"summary": "SUSE Bug 1191452",
"url": "https://bugzilla.suse.com/1191452"
},
{
"category": "self",
"summary": "SUSE Bug 1194591",
"url": "https://bugzilla.suse.com/1194591"
},
{
"category": "self",
"summary": "SUSE Bug 1197760",
"url": "https://bugzilla.suse.com/1197760"
},
{
"category": "self",
"summary": "SUSE Bug 1197894",
"url": "https://bugzilla.suse.com/1197894"
},
{
"category": "self",
"summary": "SUSE Bug 1203935",
"url": "https://bugzilla.suse.com/1203935"
},
{
"category": "self",
"summary": "SUSE Bug 1206213",
"url": "https://bugzilla.suse.com/1206213"
},
{
"category": "self",
"summary": "SUSE Bug 1206646",
"url": "https://bugzilla.suse.com/1206646"
},
{
"category": "self",
"summary": "SUSE Bug 1207186",
"url": "https://bugzilla.suse.com/1207186"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1210335",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "self",
"summary": "SUSE Bug 1215702",
"url": "https://bugzilla.suse.com/1215702"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1217169",
"url": "https://bugzilla.suse.com/1217169"
},
{
"category": "self",
"summary": "SUSE Bug 1217519",
"url": "https://bugzilla.suse.com/1217519"
},
{
"category": "self",
"summary": "SUSE Bug 1218917",
"url": "https://bugzilla.suse.com/1218917"
},
{
"category": "self",
"summary": "SUSE Bug 1220487",
"url": "https://bugzilla.suse.com/1220487"
},
{
"category": "self",
"summary": "SUSE Bug 1220513",
"url": "https://bugzilla.suse.com/1220513"
},
{
"category": "self",
"summary": "SUSE Bug 1220854",
"url": "https://bugzilla.suse.com/1220854"
},
{
"category": "self",
"summary": "SUSE Bug 1220928",
"url": "https://bugzilla.suse.com/1220928"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221081",
"url": "https://bugzilla.suse.com/1221081"
},
{
"category": "self",
"summary": "SUSE Bug 1221086",
"url": "https://bugzilla.suse.com/1221086"
},
{
"category": "self",
"summary": "SUSE Bug 1221543",
"url": "https://bugzilla.suse.com/1221543"
},
{
"category": "self",
"summary": "SUSE Bug 1221545",
"url": "https://bugzilla.suse.com/1221545"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1221994",
"url": "https://bugzilla.suse.com/1221994"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222627",
"url": "https://bugzilla.suse.com/1222627"
},
{
"category": "self",
"summary": "SUSE Bug 1222667",
"url": "https://bugzilla.suse.com/1222667"
},
{
"category": "self",
"summary": "SUSE Bug 1222671",
"url": "https://bugzilla.suse.com/1222671"
},
{
"category": "self",
"summary": "SUSE Bug 1222793",
"url": "https://bugzilla.suse.com/1222793"
},
{
"category": "self",
"summary": "SUSE Bug 1222893",
"url": "https://bugzilla.suse.com/1222893"
},
{
"category": "self",
"summary": "SUSE Bug 1222894",
"url": "https://bugzilla.suse.com/1222894"
},
{
"category": "self",
"summary": "SUSE Bug 1223023",
"url": "https://bugzilla.suse.com/1223023"
},
{
"category": "self",
"summary": "SUSE Bug 1223046",
"url": "https://bugzilla.suse.com/1223046"
},
{
"category": "self",
"summary": "SUSE Bug 1223048",
"url": "https://bugzilla.suse.com/1223048"
},
{
"category": "self",
"summary": "SUSE Bug 1223062",
"url": "https://bugzilla.suse.com/1223062"
},
{
"category": "self",
"summary": "SUSE Bug 1223084",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "self",
"summary": "SUSE Bug 1223119",
"url": "https://bugzilla.suse.com/1223119"
},
{
"category": "self",
"summary": "SUSE Bug 1223138",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "self",
"summary": "SUSE Bug 1223207",
"url": "https://bugzilla.suse.com/1223207"
},
{
"category": "self",
"summary": "SUSE Bug 1223360",
"url": "https://bugzilla.suse.com/1223360"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223432",
"url": "https://bugzilla.suse.com/1223432"
},
{
"category": "self",
"summary": "SUSE Bug 1223509",
"url": "https://bugzilla.suse.com/1223509"
},
{
"category": "self",
"summary": "SUSE Bug 1223512",
"url": "https://bugzilla.suse.com/1223512"
},
{
"category": "self",
"summary": "SUSE Bug 1223539",
"url": "https://bugzilla.suse.com/1223539"
},
{
"category": "self",
"summary": "SUSE Bug 1223540",
"url": "https://bugzilla.suse.com/1223540"
},
{
"category": "self",
"summary": "SUSE Bug 1223626",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "self",
"summary": "SUSE Bug 1223627",
"url": "https://bugzilla.suse.com/1223627"
},
{
"category": "self",
"summary": "SUSE Bug 1223633",
"url": "https://bugzilla.suse.com/1223633"
},
{
"category": "self",
"summary": "SUSE Bug 1223653",
"url": "https://bugzilla.suse.com/1223653"
},
{
"category": "self",
"summary": "SUSE Bug 1223666",
"url": "https://bugzilla.suse.com/1223666"
},
{
"category": "self",
"summary": "SUSE Bug 1223671",
"url": "https://bugzilla.suse.com/1223671"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223715",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "self",
"summary": "SUSE Bug 1223738",
"url": "https://bugzilla.suse.com/1223738"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223752",
"url": "https://bugzilla.suse.com/1223752"
},
{
"category": "self",
"summary": "SUSE Bug 1223802",
"url": "https://bugzilla.suse.com/1223802"
},
{
"category": "self",
"summary": "SUSE Bug 1223819",
"url": "https://bugzilla.suse.com/1223819"
},
{
"category": "self",
"summary": "SUSE Bug 1223834",
"url": "https://bugzilla.suse.com/1223834"
},
{
"category": "self",
"summary": "SUSE Bug 1223922",
"url": "https://bugzilla.suse.com/1223922"
},
{
"category": "self",
"summary": "SUSE Bug 1223923",
"url": "https://bugzilla.suse.com/1223923"
},
{
"category": "self",
"summary": "SUSE Bug 1223931",
"url": "https://bugzilla.suse.com/1223931"
},
{
"category": "self",
"summary": "SUSE Bug 1223932",
"url": "https://bugzilla.suse.com/1223932"
},
{
"category": "self",
"summary": "SUSE Bug 1223948",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "self",
"summary": "SUSE Bug 1223969",
"url": "https://bugzilla.suse.com/1223969"
},
{
"category": "self",
"summary": "SUSE Bug 1224096",
"url": "https://bugzilla.suse.com/1224096"
},
{
"category": "self",
"summary": "SUSE Bug 1224174",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "self",
"summary": "SUSE Bug 1224181",
"url": "https://bugzilla.suse.com/1224181"
},
{
"category": "self",
"summary": "SUSE Bug 1224347",
"url": "https://bugzilla.suse.com/1224347"
},
{
"category": "self",
"summary": "SUSE Bug 1224482",
"url": "https://bugzilla.suse.com/1224482"
},
{
"category": "self",
"summary": "SUSE Bug 1224511",
"url": "https://bugzilla.suse.com/1224511"
},
{
"category": "self",
"summary": "SUSE Bug 1224525",
"url": "https://bugzilla.suse.com/1224525"
},
{
"category": "self",
"summary": "SUSE Bug 1224566",
"url": "https://bugzilla.suse.com/1224566"
},
{
"category": "self",
"summary": "SUSE Bug 1224580",
"url": "https://bugzilla.suse.com/1224580"
},
{
"category": "self",
"summary": "SUSE Bug 1224592",
"url": "https://bugzilla.suse.com/1224592"
},
{
"category": "self",
"summary": "SUSE Bug 1224601",
"url": "https://bugzilla.suse.com/1224601"
},
{
"category": "self",
"summary": "SUSE Bug 1224607",
"url": "https://bugzilla.suse.com/1224607"
},
{
"category": "self",
"summary": "SUSE Bug 1224621",
"url": "https://bugzilla.suse.com/1224621"
},
{
"category": "self",
"summary": "SUSE Bug 1224644",
"url": "https://bugzilla.suse.com/1224644"
},
{
"category": "self",
"summary": "SUSE Bug 1224645",
"url": "https://bugzilla.suse.com/1224645"
},
{
"category": "self",
"summary": "SUSE Bug 1224648",
"url": "https://bugzilla.suse.com/1224648"
},
{
"category": "self",
"summary": "SUSE Bug 1224650",
"url": "https://bugzilla.suse.com/1224650"
},
{
"category": "self",
"summary": "SUSE Bug 1224663",
"url": "https://bugzilla.suse.com/1224663"
},
{
"category": "self",
"summary": "SUSE Bug 1224671",
"url": "https://bugzilla.suse.com/1224671"
},
{
"category": "self",
"summary": "SUSE Bug 1224676",
"url": "https://bugzilla.suse.com/1224676"
},
{
"category": "self",
"summary": "SUSE Bug 1224680",
"url": "https://bugzilla.suse.com/1224680"
},
{
"category": "self",
"summary": "SUSE Bug 1224682",
"url": "https://bugzilla.suse.com/1224682"
},
{
"category": "self",
"summary": "SUSE Bug 1224725",
"url": "https://bugzilla.suse.com/1224725"
},
{
"category": "self",
"summary": "SUSE Bug 1224728",
"url": "https://bugzilla.suse.com/1224728"
},
{
"category": "self",
"summary": "SUSE Bug 1224733",
"url": "https://bugzilla.suse.com/1224733"
},
{
"category": "self",
"summary": "SUSE Bug 1224738",
"url": "https://bugzilla.suse.com/1224738"
},
{
"category": "self",
"summary": "SUSE Bug 1224747",
"url": "https://bugzilla.suse.com/1224747"
},
{
"category": "self",
"summary": "SUSE Bug 1224749",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "self",
"summary": "SUSE Bug 1224759",
"url": "https://bugzilla.suse.com/1224759"
},
{
"category": "self",
"summary": "SUSE Bug 1224803",
"url": "https://bugzilla.suse.com/1224803"
},
{
"category": "self",
"summary": "SUSE Bug 1224827",
"url": "https://bugzilla.suse.com/1224827"
},
{
"category": "self",
"summary": "SUSE Bug 1224830",
"url": "https://bugzilla.suse.com/1224830"
},
{
"category": "self",
"summary": "SUSE Bug 1224831",
"url": "https://bugzilla.suse.com/1224831"
},
{
"category": "self",
"summary": "SUSE Bug 1224834",
"url": "https://bugzilla.suse.com/1224834"
},
{
"category": "self",
"summary": "SUSE Bug 1224838",
"url": "https://bugzilla.suse.com/1224838"
},
{
"category": "self",
"summary": "SUSE Bug 1224841",
"url": "https://bugzilla.suse.com/1224841"
},
{
"category": "self",
"summary": "SUSE Bug 1224844",
"url": "https://bugzilla.suse.com/1224844"
},
{
"category": "self",
"summary": "SUSE Bug 1224846",
"url": "https://bugzilla.suse.com/1224846"
},
{
"category": "self",
"summary": "SUSE Bug 1224847",
"url": "https://bugzilla.suse.com/1224847"
},
{
"category": "self",
"summary": "SUSE Bug 1224849",
"url": "https://bugzilla.suse.com/1224849"
},
{
"category": "self",
"summary": "SUSE Bug 1224854",
"url": "https://bugzilla.suse.com/1224854"
},
{
"category": "self",
"summary": "SUSE Bug 1224859",
"url": "https://bugzilla.suse.com/1224859"
},
{
"category": "self",
"summary": "SUSE Bug 1224867",
"url": "https://bugzilla.suse.com/1224867"
},
{
"category": "self",
"summary": "SUSE Bug 1224880",
"url": "https://bugzilla.suse.com/1224880"
},
{
"category": "self",
"summary": "SUSE Bug 1224882",
"url": "https://bugzilla.suse.com/1224882"
},
{
"category": "self",
"summary": "SUSE Bug 1224888",
"url": "https://bugzilla.suse.com/1224888"
},
{
"category": "self",
"summary": "SUSE Bug 1224889",
"url": "https://bugzilla.suse.com/1224889"
},
{
"category": "self",
"summary": "SUSE Bug 1224892",
"url": "https://bugzilla.suse.com/1224892"
},
{
"category": "self",
"summary": "SUSE Bug 1224893",
"url": "https://bugzilla.suse.com/1224893"
},
{
"category": "self",
"summary": "SUSE Bug 1224899",
"url": "https://bugzilla.suse.com/1224899"
},
{
"category": "self",
"summary": "SUSE Bug 1224904",
"url": "https://bugzilla.suse.com/1224904"
},
{
"category": "self",
"summary": "SUSE Bug 1224907",
"url": "https://bugzilla.suse.com/1224907"
},
{
"category": "self",
"summary": "SUSE Bug 1224916",
"url": "https://bugzilla.suse.com/1224916"
},
{
"category": "self",
"summary": "SUSE Bug 1224917",
"url": "https://bugzilla.suse.com/1224917"
},
{
"category": "self",
"summary": "SUSE Bug 1224922",
"url": "https://bugzilla.suse.com/1224922"
},
{
"category": "self",
"summary": "SUSE Bug 1224926",
"url": "https://bugzilla.suse.com/1224926"
},
{
"category": "self",
"summary": "SUSE Bug 1224930",
"url": "https://bugzilla.suse.com/1224930"
},
{
"category": "self",
"summary": "SUSE Bug 1224931",
"url": "https://bugzilla.suse.com/1224931"
},
{
"category": "self",
"summary": "SUSE Bug 1224942",
"url": "https://bugzilla.suse.com/1224942"
},
{
"category": "self",
"summary": "SUSE Bug 1224954",
"url": "https://bugzilla.suse.com/1224954"
},
{
"category": "self",
"summary": "SUSE Bug 1224956",
"url": "https://bugzilla.suse.com/1224956"
},
{
"category": "self",
"summary": "SUSE Bug 1224957",
"url": "https://bugzilla.suse.com/1224957"
},
{
"category": "self",
"summary": "SUSE Bug 1224959",
"url": "https://bugzilla.suse.com/1224959"
},
{
"category": "self",
"summary": "SUSE Bug 1224960",
"url": "https://bugzilla.suse.com/1224960"
},
{
"category": "self",
"summary": "SUSE Bug 1224961",
"url": "https://bugzilla.suse.com/1224961"
},
{
"category": "self",
"summary": "SUSE Bug 1224963",
"url": "https://bugzilla.suse.com/1224963"
},
{
"category": "self",
"summary": "SUSE Bug 1224966",
"url": "https://bugzilla.suse.com/1224966"
},
{
"category": "self",
"summary": "SUSE Bug 1224968",
"url": "https://bugzilla.suse.com/1224968"
},
{
"category": "self",
"summary": "SUSE Bug 1224981",
"url": "https://bugzilla.suse.com/1224981"
},
{
"category": "self",
"summary": "SUSE Bug 1224982",
"url": "https://bugzilla.suse.com/1224982"
},
{
"category": "self",
"summary": "SUSE Bug 1224983",
"url": "https://bugzilla.suse.com/1224983"
},
{
"category": "self",
"summary": "SUSE Bug 1224987",
"url": "https://bugzilla.suse.com/1224987"
},
{
"category": "self",
"summary": "SUSE Bug 1224990",
"url": "https://bugzilla.suse.com/1224990"
},
{
"category": "self",
"summary": "SUSE Bug 1224996",
"url": "https://bugzilla.suse.com/1224996"
},
{
"category": "self",
"summary": "SUSE Bug 1225008",
"url": "https://bugzilla.suse.com/1225008"
},
{
"category": "self",
"summary": "SUSE Bug 1225009",
"url": "https://bugzilla.suse.com/1225009"
},
{
"category": "self",
"summary": "SUSE Bug 1225010",
"url": "https://bugzilla.suse.com/1225010"
},
{
"category": "self",
"summary": "SUSE Bug 1225022",
"url": "https://bugzilla.suse.com/1225022"
},
{
"category": "self",
"summary": "SUSE Bug 1225026",
"url": "https://bugzilla.suse.com/1225026"
},
{
"category": "self",
"summary": "SUSE Bug 1225030",
"url": "https://bugzilla.suse.com/1225030"
},
{
"category": "self",
"summary": "SUSE Bug 1225054",
"url": "https://bugzilla.suse.com/1225054"
},
{
"category": "self",
"summary": "SUSE Bug 1225058",
"url": "https://bugzilla.suse.com/1225058"
},
{
"category": "self",
"summary": "SUSE Bug 1225059",
"url": "https://bugzilla.suse.com/1225059"
},
{
"category": "self",
"summary": "SUSE Bug 1225060",
"url": "https://bugzilla.suse.com/1225060"
},
{
"category": "self",
"summary": "SUSE Bug 1225062",
"url": "https://bugzilla.suse.com/1225062"
},
{
"category": "self",
"summary": "SUSE Bug 1225082",
"url": "https://bugzilla.suse.com/1225082"
},
{
"category": "self",
"summary": "SUSE Bug 1225084",
"url": "https://bugzilla.suse.com/1225084"
},
{
"category": "self",
"summary": "SUSE Bug 1225086",
"url": "https://bugzilla.suse.com/1225086"
},
{
"category": "self",
"summary": "SUSE Bug 1225092",
"url": "https://bugzilla.suse.com/1225092"
},
{
"category": "self",
"summary": "SUSE Bug 1225096",
"url": "https://bugzilla.suse.com/1225096"
},
{
"category": "self",
"summary": "SUSE Bug 1225112",
"url": "https://bugzilla.suse.com/1225112"
},
{
"category": "self",
"summary": "SUSE Bug 1225124",
"url": "https://bugzilla.suse.com/1225124"
},
{
"category": "self",
"summary": "SUSE Bug 1225128",
"url": "https://bugzilla.suse.com/1225128"
},
{
"category": "self",
"summary": "SUSE Bug 1225132",
"url": "https://bugzilla.suse.com/1225132"
},
{
"category": "self",
"summary": "SUSE Bug 1225141",
"url": "https://bugzilla.suse.com/1225141"
},
{
"category": "self",
"summary": "SUSE Bug 1225143",
"url": "https://bugzilla.suse.com/1225143"
},
{
"category": "self",
"summary": "SUSE Bug 1225144",
"url": "https://bugzilla.suse.com/1225144"
},
{
"category": "self",
"summary": "SUSE Bug 1225151",
"url": "https://bugzilla.suse.com/1225151"
},
{
"category": "self",
"summary": "SUSE Bug 1225153",
"url": "https://bugzilla.suse.com/1225153"
},
{
"category": "self",
"summary": "SUSE Bug 1225155",
"url": "https://bugzilla.suse.com/1225155"
},
{
"category": "self",
"summary": "SUSE Bug 1225157",
"url": "https://bugzilla.suse.com/1225157"
},
{
"category": "self",
"summary": "SUSE Bug 1225164",
"url": "https://bugzilla.suse.com/1225164"
},
{
"category": "self",
"summary": "SUSE Bug 1225177",
"url": "https://bugzilla.suse.com/1225177"
},
{
"category": "self",
"summary": "SUSE Bug 1225189",
"url": "https://bugzilla.suse.com/1225189"
},
{
"category": "self",
"summary": "SUSE Bug 1225192",
"url": "https://bugzilla.suse.com/1225192"
},
{
"category": "self",
"summary": "SUSE Bug 1225193",
"url": "https://bugzilla.suse.com/1225193"
},
{
"category": "self",
"summary": "SUSE Bug 1225198",
"url": "https://bugzilla.suse.com/1225198"
},
{
"category": "self",
"summary": "SUSE Bug 1225201",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "self",
"summary": "SUSE Bug 1225207",
"url": "https://bugzilla.suse.com/1225207"
},
{
"category": "self",
"summary": "SUSE Bug 1225208",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "self",
"summary": "SUSE Bug 1225222",
"url": "https://bugzilla.suse.com/1225222"
},
{
"category": "self",
"summary": "SUSE Bug 1225230",
"url": "https://bugzilla.suse.com/1225230"
},
{
"category": "self",
"summary": "SUSE Bug 1225242",
"url": "https://bugzilla.suse.com/1225242"
},
{
"category": "self",
"summary": "SUSE Bug 1225244",
"url": "https://bugzilla.suse.com/1225244"
},
{
"category": "self",
"summary": "SUSE Bug 1225247",
"url": "https://bugzilla.suse.com/1225247"
},
{
"category": "self",
"summary": "SUSE Bug 1225251",
"url": "https://bugzilla.suse.com/1225251"
},
{
"category": "self",
"summary": "SUSE Bug 1225252",
"url": "https://bugzilla.suse.com/1225252"
},
{
"category": "self",
"summary": "SUSE Bug 1225256",
"url": "https://bugzilla.suse.com/1225256"
},
{
"category": "self",
"summary": "SUSE Bug 1225303",
"url": "https://bugzilla.suse.com/1225303"
},
{
"category": "self",
"summary": "SUSE Bug 1225318",
"url": "https://bugzilla.suse.com/1225318"
},
{
"category": "self",
"summary": "SUSE Bug 1225322",
"url": "https://bugzilla.suse.com/1225322"
},
{
"category": "self",
"summary": "SUSE Bug 1225329",
"url": "https://bugzilla.suse.com/1225329"
},
{
"category": "self",
"summary": "SUSE Bug 1225330",
"url": "https://bugzilla.suse.com/1225330"
},
{
"category": "self",
"summary": "SUSE Bug 1225336",
"url": "https://bugzilla.suse.com/1225336"
},
{
"category": "self",
"summary": "SUSE Bug 1225347",
"url": "https://bugzilla.suse.com/1225347"
},
{
"category": "self",
"summary": "SUSE Bug 1225351",
"url": "https://bugzilla.suse.com/1225351"
},
{
"category": "self",
"summary": "SUSE Bug 1225354",
"url": "https://bugzilla.suse.com/1225354"
},
{
"category": "self",
"summary": "SUSE Bug 1225355",
"url": "https://bugzilla.suse.com/1225355"
},
{
"category": "self",
"summary": "SUSE Bug 1225360",
"url": "https://bugzilla.suse.com/1225360"
},
{
"category": "self",
"summary": "SUSE Bug 1225366",
"url": "https://bugzilla.suse.com/1225366"
},
{
"category": "self",
"summary": "SUSE Bug 1225367",
"url": "https://bugzilla.suse.com/1225367"
},
{
"category": "self",
"summary": "SUSE Bug 1225384",
"url": "https://bugzilla.suse.com/1225384"
},
{
"category": "self",
"summary": "SUSE Bug 1225390",
"url": "https://bugzilla.suse.com/1225390"
},
{
"category": "self",
"summary": "SUSE Bug 1225404",
"url": "https://bugzilla.suse.com/1225404"
},
{
"category": "self",
"summary": "SUSE Bug 1225409",
"url": "https://bugzilla.suse.com/1225409"
},
{
"category": "self",
"summary": "SUSE Bug 1225411",
"url": "https://bugzilla.suse.com/1225411"
},
{
"category": "self",
"summary": "SUSE Bug 1225438",
"url": "https://bugzilla.suse.com/1225438"
},
{
"category": "self",
"summary": "SUSE Bug 1225453",
"url": "https://bugzilla.suse.com/1225453"
},
{
"category": "self",
"summary": "SUSE Bug 1225479",
"url": "https://bugzilla.suse.com/1225479"
},
{
"category": "self",
"summary": "SUSE Bug 1225482",
"url": "https://bugzilla.suse.com/1225482"
},
{
"category": "self",
"summary": "SUSE Bug 1225506",
"url": "https://bugzilla.suse.com/1225506"
},
{
"category": "self",
"summary": "SUSE Bug 1225549",
"url": "https://bugzilla.suse.com/1225549"
},
{
"category": "self",
"summary": "SUSE Bug 1225560",
"url": "https://bugzilla.suse.com/1225560"
},
{
"category": "self",
"summary": "SUSE Bug 1225572",
"url": "https://bugzilla.suse.com/1225572"
},
{
"category": "self",
"summary": "SUSE Bug 1225640",
"url": "https://bugzilla.suse.com/1225640"
},
{
"category": "self",
"summary": "SUSE Bug 1225708",
"url": "https://bugzilla.suse.com/1225708"
},
{
"category": "self",
"summary": "SUSE Bug 1225764",
"url": "https://bugzilla.suse.com/1225764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46933 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46955 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47074 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47113 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47131 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47171 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47188 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47206 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47220 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47229 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47231 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47235 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47236 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47237 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47238 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47239 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47245 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47246 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47248 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47249 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47250 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47252 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47254 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47258 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47260 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47261 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47265 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47269 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47274 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47276 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47277 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47280 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47281 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47284 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47285 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47288 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47301 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47302 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47305 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47307 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47308 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47310 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47311 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47314 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47315 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47319 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47320 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47321 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47323 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47324 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47330 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47330/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47334 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47334/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47337 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47344 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47345 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47347 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47352 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47353 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47355 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47356 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47357 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47361 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47362 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47369 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47378 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47382 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47382/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47383 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47391 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47397 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47400 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47401 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47404 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47409 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47416 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47423 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47423/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47424 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47431 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47435 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47436 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47456 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47458 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47460 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47469 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47472 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47473 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47478 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47480 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47483 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47485 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47495 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47496 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47497 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47500 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47506 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47509 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47511 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47523 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47541 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47548 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47565 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48636 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48650 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48672 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48686 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48697 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48702 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48704 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48708 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48710 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1829 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-42755 page",
"url": "https://www.suse.com/security/cve/CVE-2023-42755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47233 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52527 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52586 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52646 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52655 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52664 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52685 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52686 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52691 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52696 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52698 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52703 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52730 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52732 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52741 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52742 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52747 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52759 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52774 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52781 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52796 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52803 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52821 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52875 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52880 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0639 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26625 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26752 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26846 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26874 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26876 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26920 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27396 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27401 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27419 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27436 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35809 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35811 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35830 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35849 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35877 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35887 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36954/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-06-24T18:34:20Z",
"generator": {
"date": "2024-06-24T18:34:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2184-1",
"initial_release_date": "2024-06-24T18:34:20Z",
"revision_history": [
{
"date": "2024-06-24T18:34:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.219.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.219.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.219.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.219.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.219.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.219.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.219.1.aarch64",
"product_id": "kernel-default-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.219.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.219.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-122.219.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.219.1.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.aarch64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-122.219.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.219.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.219.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-122.219.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.219.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.219.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.aarch64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.aarch64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.219.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.219.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-122.219.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.219.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.219.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.219.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.219.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.219.1.noarch",
"product_id": "kernel-devel-4.12.14-122.219.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-122.219.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-122.219.1.noarch",
"product_id": "kernel-docs-4.12.14-122.219.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-122.219.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-122.219.1.noarch",
"product_id": "kernel-docs-html-4.12.14-122.219.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.219.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.219.1.noarch",
"product_id": "kernel-macros-4.12.14-122.219.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.219.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.219.1.noarch",
"product_id": "kernel-source-4.12.14-122.219.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-122.219.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-122.219.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-122.219.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-debug-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-debug-kgraft-devel-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.ppc64le",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.219.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.219.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-122.219.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.219.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.219.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.219.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.219.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.219.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.219.1.s390x",
"product_id": "kernel-default-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.219.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.219.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-122.219.1.s390x",
"product_id": "kernel-default-extra-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.219.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.219.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-122.219.1.s390x",
"product_id": "kernel-obs-build-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-122.219.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.219.1.s390x",
"product_id": "kernel-syms-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-122.219.1.s390x",
"product_id": "kernel-vanilla-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.219.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.219.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.s390x",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-122.219.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-122.219.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-122.219.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.219.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.219.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-122.219.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.219.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.219.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.219.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-122.219.1.x86_64",
"product_id": "kernel-debug-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-122.219.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-122.219.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-122.219.1.x86_64",
"product_id": "kernel-debug-kgraft-devel-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.219.1.x86_64",
"product_id": "kernel-default-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.219.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.219.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-122.219.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-122.219.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-122.219.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-122.219.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.219.1.x86_64",
"product_id": "kernel-kvmsmall-kgraft-devel-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-122.219.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.219.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.219.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-122.219.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.219.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.219.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.x86_64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.x86_64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.219.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.219.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-122.219.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.219.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-122.219.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-122.219.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-obs-build-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.219.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.219.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.219.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.219.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.219.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.219.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.219.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.219.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.219.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.219.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.219.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.219.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.219.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.219.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.219.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.219.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.219.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.219.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.12.14-122.219.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
},
"product_reference": "kernel-default-extra-4.12.14-122.219.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.\n\nffs_data_clear is indirectly called from both ffs_fs_kill_sb and\nffs_ep0_release, so it ends up being called twice when userland closes ep0\nand then unmounts f_fs.\nIf userland provided an eventfd along with function\u0027s USB descriptors, it\nends up calling eventfd_ctx_put as many times, causing a refcount\nunderflow.\nNULL-ify ffs_eventfd to prevent these extraneous eventfd_ctx_put calls.\n\nAlso, set epfiles to NULL right after de-allocating it, for readability.\n\nFor completeness, ffs_data_clear actually ends up being called thrice, the\nlast call being before the whole ffs structure gets freed, so when this\nspecific sequence happens there is a second underflow happening (but not\nbeing reported):\n\n/sys/kernel/debug/tracing# modprobe usb_f_fs\n/sys/kernel/debug/tracing# echo ffs_data_clear \u003e set_ftrace_filter\n/sys/kernel/debug/tracing# echo function \u003e current_tracer\n/sys/kernel/debug/tracing# echo 1 \u003e tracing_on\n(setup gadget, run and kill function userland process, teardown gadget)\n/sys/kernel/debug/tracing# echo 0 \u003e tracing_on\n/sys/kernel/debug/tracing# cat trace\n smartcard-openp-436 [000] ..... 1946.208786: ffs_data_clear \u003c-ffs_data_closed\n smartcard-openp-431 [000] ..... 1946.279147: ffs_data_clear \u003c-ffs_data_closed\n smartcard-openp-431 [000] .n... 1946.905512: ffs_data_clear \u003c-ffs_data_put\n\nWarning output corresponding to above trace:\n[ 1946.284139] WARNING: CPU: 0 PID: 431 at lib/refcount.c:28 refcount_warn_saturate+0x110/0x15c\n[ 1946.293094] refcount_t: underflow; use-after-free.\n[ 1946.298164] Modules linked in: usb_f_ncm(E) u_ether(E) usb_f_fs(E) hci_uart(E) btqca(E) btrtl(E) btbcm(E) btintel(E) bluetooth(E) nls_ascii(E) nls_cp437(E) vfat(E) fat(E) bcm2835_v4l2(CE) bcm2835_mmal_vchiq(CE) videobuf2_vmalloc(E) videobuf2_memops(E) sha512_generic(E) videobuf2_v4l2(E) sha512_arm(E) videobuf2_common(E) videodev(E) cpufreq_dt(E) snd_bcm2835(CE) brcmfmac(E) mc(E) vc4(E) ctr(E) brcmutil(E) snd_soc_core(E) snd_pcm_dmaengine(E) drbg(E) snd_pcm(E) snd_timer(E) snd(E) soundcore(E) drm_kms_helper(E) cec(E) ansi_cprng(E) rc_core(E) syscopyarea(E) raspberrypi_cpufreq(E) sysfillrect(E) sysimgblt(E) cfg80211(E) max17040_battery(OE) raspberrypi_hwmon(E) fb_sys_fops(E) regmap_i2c(E) ecdh_generic(E) rfkill(E) ecc(E) bcm2835_rng(E) rng_core(E) vchiq(CE) leds_gpio(E) libcomposite(E) fuse(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) sdhci_iproc(E) sdhci_pltfm(E) sdhci(E)\n[ 1946.399633] CPU: 0 PID: 431 Comm: smartcard-openp Tainted: G C OE 5.15.0-1-rpi #1 Debian 5.15.3-1\n[ 1946.417950] Hardware name: BCM2835\n[ 1946.425442] Backtrace:\n[ 1946.432048] [\u003cc08d60a0\u003e] (dump_backtrace) from [\u003cc08d62ec\u003e] (show_stack+0x20/0x24)\n[ 1946.448226] r7:00000009 r6:0000001c r5:c04a948c r4:c0a64e2c\n[ 1946.458412] [\u003cc08d62cc\u003e] (show_stack) from [\u003cc08d9ae0\u003e] (dump_stack+0x28/0x30)\n[ 1946.470380] [\u003cc08d9ab8\u003e] (dump_stack) from [\u003cc0123500\u003e] (__warn+0xe8/0x154)\n[ 1946.482067] r5:c04a948c r4:c0a71dc8\n[ 1946.490184] [\u003cc0123418\u003e] (__warn) from [\u003cc08d6948\u003e] (warn_slowpath_fmt+0xa0/0xe4)\n[ 1946.506758] r7:00000009 r6:0000001c r5:c0a71dc8 r4:c0a71e04\n[ 1946.517070] [\u003cc08d68ac\u003e] (warn_slowpath_fmt) from [\u003cc04a948c\u003e] (refcount_warn_saturate+0x110/0x15c)\n[ 1946.535309] r8:c0100224 r7:c0dfcb84 r6:ffffffff r5:c3b84c00 r4:c24a17c0\n[ 1946.546708] [\u003cc04a937c\u003e] (refcount_warn_saturate) from [\u003cc0380134\u003e] (eventfd_ctx_put+0x48/0x74)\n[ 1946.564476] [\u003cc03800ec\u003e] (eventfd_ctx_put) from [\u003cbf5464e8\u003e] (ffs_data_clear+0xd0/0x118 [usb_f_fs])\n[ 1946.582664] r5:c3b84c00 r4:c2695b00\n[ 1946.590668] [\u003cbf546418\u003e] (ffs_data_clear [usb_f_fs]) from [\u003cbf547cc0\u003e] (ffs_data_closed+0x9c/0x150 [usb_f_fs])\n[ 1946.609608] r5:bf54d014 r4:c2695b00\n[ 1946.617522] [\u003cbf547c24\u003e] (ffs_data_closed [usb_f_fs]) from [\u003cbf547da0\u003e] (ffs_fs_kill_sb+0x2c/0x30 [usb_f_fs])\n[ 1946.636217] r7:c0dfcb\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46933",
"url": "https://www.suse.com/security/cve/CVE-2021-46933"
},
{
"category": "external",
"summary": "SUSE Bug 1220487 for CVE-2021-46933",
"url": "https://bugzilla.suse.com/1220487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-46933"
},
{
"cve": "CVE-2021-46955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix stack OOB read while fragmenting IPv4 packets\n\nrunning openvswitch on kernels built with KASAN, it\u0027s possible to see the\nfollowing splat while testing fragmentation of IPv4 packets:\n\n BUG: KASAN: stack-out-of-bounds in ip_do_fragment+0x1b03/0x1f60\n Read of size 1 at addr ffff888112fc713c by task handler2/1367\n\n CPU: 0 PID: 1367 Comm: handler2 Not tainted 5.12.0-rc6+ #418\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n Call Trace:\n dump_stack+0x92/0xc1\n print_address_description.constprop.7+0x1a/0x150\n kasan_report.cold.13+0x7f/0x111\n ip_do_fragment+0x1b03/0x1f60\n ovs_fragment+0x5bf/0x840 [openvswitch]\n do_execute_actions+0x1bd5/0x2400 [openvswitch]\n ovs_execute_actions+0xc8/0x3d0 [openvswitch]\n ovs_packet_cmd_execute+0xa39/0x1150 [openvswitch]\n genl_family_rcv_msg_doit.isra.15+0x227/0x2d0\n genl_rcv_msg+0x287/0x490\n netlink_rcv_skb+0x120/0x380\n genl_rcv+0x24/0x40\n netlink_unicast+0x439/0x630\n netlink_sendmsg+0x719/0xbf0\n sock_sendmsg+0xe2/0x110\n ____sys_sendmsg+0x5ba/0x890\n ___sys_sendmsg+0xe9/0x160\n __sys_sendmsg+0xd3/0x170\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f957079db07\n Code: c3 66 90 41 54 41 89 d4 55 48 89 f5 53 89 fb 48 83 ec 10 e8 eb ec ff ff 44 89 e2 48 89 ee 89 df 41 89 c0 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 24 ed ff ff 48\n RSP: 002b:00007f956ce35a50 EFLAGS: 00000293 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 00007f957079db07\n RDX: 0000000000000000 RSI: 00007f956ce35ae0 RDI: 0000000000000019\n RBP: 00007f956ce35ae0 R08: 0000000000000000 R09: 00007f9558006730\n R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\n R13: 00007f956ce37308 R14: 00007f956ce35f80 R15: 00007f956ce35ae0\n\n The buggy address belongs to the page:\n page:00000000af2a1d93 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112fc7\n flags: 0x17ffffc0000000()\n raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n addr ffff888112fc713c is located in stack of task handler2/1367 at offset 180 in frame:\n ovs_fragment+0x0/0x840 [openvswitch]\n\n this frame has 2 objects:\n [32, 144) \u0027ovs_dst\u0027\n [192, 424) \u0027ovs_rt\u0027\n\n Memory state around the buggy address:\n ffff888112fc7000: f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7080: 00 f1 f1 f1 f1 00 00 00 00 00 00 00 00 00 00 00\n \u003effff888112fc7100: 00 00 00 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00\n ^\n ffff888112fc7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7200: 00 00 00 00 00 00 f2 f2 f2 00 00 00 00 00 00 00\n\nfor IPv4 packets, ovs_fragment() uses a temporary struct dst_entry. Then,\nin the following call graph:\n\n ip_do_fragment()\n ip_skb_dst_mtu()\n ip_dst_mtu_maybe_forward()\n ip_mtu_locked()\n\nthe pointer to struct dst_entry is used as pointer to struct rtable: this\nturns the access to struct members like rt_mtu_locked into an OOB read in\nthe stack. Fix this changing the temporary variable used for IPv4 packets\nin ovs_fragment(), similarly to what is done for IPv6 few lines below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46955",
"url": "https://www.suse.com/security/cve/CVE-2021-46955"
},
{
"category": "external",
"summary": "SUSE Bug 1220513 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220513"
},
{
"category": "external",
"summary": "SUSE Bug 1220537 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-46955"
},
{
"cve": "CVE-2021-47074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-loop: fix memory leak in nvme_loop_create_ctrl()\n\nWhen creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl()\nfails, the loop ctrl should be freed before jumping to the \"out\" label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47074",
"url": "https://www.suse.com/security/cve/CVE-2021-47074"
},
{
"category": "external",
"summary": "SUSE Bug 1220854 for CVE-2021-47074",
"url": "https://bugzilla.suse.com/1220854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47074"
},
{
"cve": "CVE-2021-47113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: abort in rename_exchange if we fail to insert the second ref\n\nError injection stress uncovered a problem where we\u0027d leave a dangling\ninode ref if we failed during a rename_exchange. This happens because\nwe insert the inode ref for one side of the rename, and then for the\nother side. If this second inode ref insert fails we\u0027ll leave the first\none dangling and leave a corrupt file system behind. Fix this by\naborting if we did the insert for the first inode ref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47113",
"url": "https://www.suse.com/security/cve/CVE-2021-47113"
},
{
"category": "external",
"summary": "SUSE Bug 1221543 for CVE-2021-47113",
"url": "https://bugzilla.suse.com/1221543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47113"
},
{
"cve": "CVE-2021-47131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix use-after-free after the TLS device goes down and up\n\nWhen a netdev with active TLS offload goes down, tls_device_down is\ncalled to stop the offload and tear down the TLS context. However, the\nsocket stays alive, and it still points to the TLS context, which is now\ndeallocated. If a netdev goes up, while the connection is still active,\nand the data flow resumes after a number of TCP retransmissions, it will\nlead to a use-after-free of the TLS context.\n\nThis commit addresses this bug by keeping the context alive until its\nnormal destruction, and implements the necessary fallbacks, so that the\nconnection can resume in software (non-offloaded) kTLS mode.\n\nOn the TX side tls_sw_fallback is used to encrypt all packets. The RX\nside already has all the necessary fallbacks, because receiving\nnon-decrypted packets is supported. The thing needed on the RX side is\nto block resync requests, which are normally produced after receiving\nnon-decrypted packets.\n\nThe necessary synchronization is implemented for a graceful teardown:\nfirst the fallbacks are deployed, then the driver resources are released\n(it used to be possible to have a tls_dev_resync after tls_dev_del).\n\nA new flag called TLS_RX_DEV_DEGRADED is added to indicate the fallback\nmode. It\u0027s used to skip the RX resync logic completely, as it becomes\nuseless, and some objects may be released (for example, resync_async,\nwhich is allocated and freed by the driver).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47131",
"url": "https://www.suse.com/security/cve/CVE-2021-47131"
},
{
"category": "external",
"summary": "SUSE Bug 1221545 for CVE-2021-47131",
"url": "https://bugzilla.suse.com/1221545"
},
{
"category": "external",
"summary": "SUSE Bug 1222402 for CVE-2021-47131",
"url": "https://bugzilla.suse.com/1222402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47131"
},
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47171",
"url": "https://www.suse.com/security/cve/CVE-2021-47171"
},
{
"category": "external",
"summary": "SUSE Bug 1221994 for CVE-2021-47171",
"url": "https://bugzilla.suse.com/1221994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Improve SCSI abort handling\n\nThe following has been observed on a test setup:\n\nWARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c\nCall trace:\n ufshcd_queuecommand+0x468/0x65c\n scsi_send_eh_cmnd+0x224/0x6a0\n scsi_eh_test_devices+0x248/0x418\n scsi_eh_ready_devs+0xc34/0xe58\n scsi_error_handler+0x204/0x80c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nThat warning is triggered by the following statement:\n\n\tWARN_ON(lrbp-\u003ecmd);\n\nFix this warning by clearing lrbp-\u003ecmd from the abort handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47188",
"url": "https://www.suse.com/security/cve/CVE-2021-47188"
},
{
"category": "external",
"summary": "SUSE Bug 1222671 for CVE-2021-47188",
"url": "https://bugzilla.suse.com/1222671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: ohci-tmio: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47206",
"url": "https://www.suse.com/security/cve/CVE-2021-47206"
},
{
"category": "external",
"summary": "SUSE Bug 1222894 for CVE-2021-47206",
"url": "https://bugzilla.suse.com/1222894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47206"
},
{
"cve": "CVE-2021-47220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47220"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47220",
"url": "https://www.suse.com/security/cve/CVE-2021-47220"
},
{
"category": "external",
"summary": "SUSE Bug 1224859 for CVE-2021-47220",
"url": "https://bugzilla.suse.com/1224859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47220"
},
{
"cve": "CVE-2021-47229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: aardvark: Fix kernel panic during PIO transfer\n\nTrying to start a new PIO transfer by writing value 0 in PIO_START register\nwhen previous transfer has not yet completed (which is indicated by value 1\nin PIO_START) causes an External Abort on CPU, which results in kernel\npanic:\n\n SError Interrupt on CPU0, code 0xbf000002 -- SError\n Kernel panic - not syncing: Asynchronous SError Interrupt\n\nTo prevent kernel panic, it is required to reject a new PIO transfer when\nprevious one has not finished yet.\n\nIf previous PIO transfer is not finished yet, the kernel may issue a new\nPIO request only if the previous PIO transfer timed out.\n\nIn the past the root cause of this issue was incorrectly identified (as it\noften happens during link retraining or after link down event) and special\nhack was implemented in Trusted Firmware to catch all SError events in EL3,\nto ignore errors with code 0xbf000002 and not forwarding any other errors\nto kernel and instead throw panic from EL3 Trusted Firmware handler.\n\nLinks to discussion and patches about this issue:\nhttps://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=3c7dcdac5c50\nhttps://lore.kernel.org/linux-pci/20190316161243.29517-1-repk@triplefau.lt/\nhttps://lore.kernel.org/linux-pci/971be151d24312cc533989a64bd454b4@www.loen.fr/\nhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/1541\n\nBut the real cause was the fact that during link retraining or after link\ndown event the PIO transfer may take longer time, up to the 1.44s until it\ntimes out. This increased probability that a new PIO transfer would be\nissued by kernel while previous one has not finished yet.\n\nAfter applying this change into the kernel, it is possible to revert the\nmentioned TF-A hack and SError events do not have to be caught in TF-A EL3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47229",
"url": "https://www.suse.com/security/cve/CVE-2021-47229"
},
{
"category": "external",
"summary": "SUSE Bug 1224854 for CVE-2021-47229",
"url": "https://bugzilla.suse.com/1224854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47229"
},
{
"cve": "CVE-2021-47231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcba_usb: fix memory leak in mcba_usb\n\nSyzbot reported memory leak in SocketCAN driver for Microchip CAN BUS\nAnalyzer Tool. The problem was in unfreed usb_coherent.\n\nIn mcba_usb_start() 20 coherent buffers are allocated and there is\nnothing, that frees them:\n\n1) In callback function the urb is resubmitted and that\u0027s all\n2) In disconnect function urbs are simply killed, but URB_FREE_BUFFER\n is not set (see mcba_usb_start) and this flag cannot be used with\n coherent buffers.\n\nFail log:\n| [ 1354.053291][ T8413] mcba_usb 1-1:0.0 can0: device disconnected\n| [ 1367.059384][ T8420] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmem)\n\nSo, all allocated buffers should be freed with usb_free_coherent()\nexplicitly\n\nNOTE:\nThe same pattern for allocating and freeing coherent buffers\nis used in drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47231",
"url": "https://www.suse.com/security/cve/CVE-2021-47231"
},
{
"category": "external",
"summary": "SUSE Bug 1224849 for CVE-2021-47231",
"url": "https://bugzilla.suse.com/1224849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47231"
},
{
"cve": "CVE-2021-47235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47235"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: fix potential use-after-free in ec_bhf_remove\n\nstatic void ec_bhf_remove(struct pci_dev *dev)\n{\n...\n\tstruct ec_bhf_priv *priv = netdev_priv(net_dev);\n\n\tunregister_netdev(net_dev);\n\tfree_netdev(net_dev);\n\n\tpci_iounmap(dev, priv-\u003edma_io);\n\tpci_iounmap(dev, priv-\u003eio);\n...\n}\n\npriv is netdev private data, but it is used\nafter free_netdev(). It can cause use-after-free when accessing priv\npointer. So, fix it by moving free_netdev() after pci_iounmap()\ncalls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47235",
"url": "https://www.suse.com/security/cve/CVE-2021-47235"
},
{
"category": "external",
"summary": "SUSE Bug 1224844 for CVE-2021-47235",
"url": "https://bugzilla.suse.com/1224844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47235"
},
{
"cve": "CVE-2021-47236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47236"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: cdc_eem: fix tx fixup skb leak\n\nwhen usbnet transmit a skb, eem fixup it in eem_tx_fixup(),\nif skb_copy_expand() failed, it return NULL,\nusbnet_start_xmit() will have no chance to free original skb.\n\nfix it by free orginal skb in eem_tx_fixup() first,\nthen check skb clone status, if failed, return NULL to usbnet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47236",
"url": "https://www.suse.com/security/cve/CVE-2021-47236"
},
{
"category": "external",
"summary": "SUSE Bug 1224841 for CVE-2021-47236",
"url": "https://bugzilla.suse.com/1224841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47236"
},
{
"cve": "CVE-2021-47237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hamradio: fix memory leak in mkiss_close\n\nMy local syzbot instance hit memory leak in\nmkiss_open()[1]. The problem was in missing\nfree_netdev() in mkiss_close().\n\nIn mkiss_open() netdevice is allocated and then\nregistered, but in mkiss_close() netdevice was\nonly unregistered, but not freed.\n\nFail log:\n\nBUG: memory leak\nunreferenced object 0xffff8880281ba000 (size 4096):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 61 78 30 00 00 00 00 00 00 00 00 00 00 00 00 00 ax0.............\n 00 27 fa 2a 80 88 ff ff 00 00 00 00 00 00 00 00 .\u0027.*............\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706e7e8\u003e] alloc_netdev_mqs+0x98/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff8880141a9a00 (size 96):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n e8 a2 1b 28 80 88 ff ff e8 a2 1b 28 80 88 ff ff ...(.......(....\n 98 92 9c aa b0 40 02 00 00 00 00 00 00 00 00 00 .....@..........\n backtrace:\n [\u003cffffffff8709f68b\u003e] __hw_addr_create_ex+0x5b/0x310\n [\u003cffffffff8709fb38\u003e] __hw_addr_add_ex+0x1f8/0x2b0\n [\u003cffffffff870a0c7b\u003e] dev_addr_init+0x10b/0x1f0\n [\u003cffffffff8706e88b\u003e] alloc_netdev_mqs+0x13b/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff8880219bfc00 (size 512):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 00 a0 1b 28 80 88 ff ff 80 8f b1 8d ff ff ff ff ...(............\n 80 8f b1 8d ff ff ff ff 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706eec7\u003e] alloc_netdev_mqs+0x777/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBUG: memory leak\nunreferenced object 0xffff888029b2b200 (size 256):\n comm \"syz-executor.1\", pid 11443, jiffies 4295046091 (age 17.660s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81a27201\u003e] kvmalloc_node+0x61/0xf0\n [\u003cffffffff8706f062\u003e] alloc_netdev_mqs+0x912/0xe80\n [\u003cffffffff84e64192\u003e] mkiss_open+0xb2/0x6f0 [1]\n [\u003cffffffff842355db\u003e] tty_ldisc_open+0x9b/0x110\n [\u003cffffffff84236488\u003e] tty_set_ldisc+0x2e8/0x670\n [\u003cffffffff8421f7f3\u003e] tty_ioctl+0xda3/0x1440\n [\u003cffffffff81c9f273\u003e] __x64_sys_ioctl+0x193/0x200\n [\u003cffffffff8911263a\u003e] do_syscall_64+0x3a/0xb0\n [\u003cffffffff89200068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47237",
"url": "https://www.suse.com/security/cve/CVE-2021-47237"
},
{
"category": "external",
"summary": "SUSE Bug 1224830 for CVE-2021-47237",
"url": "https://bugzilla.suse.com/1224830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47237"
},
{
"cve": "CVE-2021-47238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in ip_mc_add1_src\n\nBUG: memory leak\nunreferenced object 0xffff888101bc4c00 (size 32):\n comm \"syz-executor527\", pid 360, jiffies 4294807421 (age 19.329s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 01 00 00 00 00 00 00 00 ac 14 14 bb 00 00 02 00 ................\n backtrace:\n [\u003c00000000f17c5244\u003e] kmalloc include/linux/slab.h:558 [inline]\n [\u003c00000000f17c5244\u003e] kzalloc include/linux/slab.h:688 [inline]\n [\u003c00000000f17c5244\u003e] ip_mc_add1_src net/ipv4/igmp.c:1971 [inline]\n [\u003c00000000f17c5244\u003e] ip_mc_add_src+0x95f/0xdb0 net/ipv4/igmp.c:2095\n [\u003c000000001cb99709\u003e] ip_mc_source+0x84c/0xea0 net/ipv4/igmp.c:2416\n [\u003c0000000052cf19ed\u003e] do_ip_setsockopt net/ipv4/ip_sockglue.c:1294 [inline]\n [\u003c0000000052cf19ed\u003e] ip_setsockopt+0x114b/0x30c0 net/ipv4/ip_sockglue.c:1423\n [\u003c00000000477edfbc\u003e] raw_setsockopt+0x13d/0x170 net/ipv4/raw.c:857\n [\u003c00000000e75ca9bb\u003e] __sys_setsockopt+0x158/0x270 net/socket.c:2117\n [\u003c00000000bdb993a8\u003e] __do_sys_setsockopt net/socket.c:2128 [inline]\n [\u003c00000000bdb993a8\u003e] __se_sys_setsockopt net/socket.c:2125 [inline]\n [\u003c00000000bdb993a8\u003e] __x64_sys_setsockopt+0xba/0x150 net/socket.c:2125\n [\u003c000000006a1ffdbd\u003e] do_syscall_64+0x40/0x80 arch/x86/entry/common.c:47\n [\u003c00000000b11467c4\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nIn commit 24803f38a5c0 (\"igmp: do not remove igmp souce list info when set\nlink down\"), the ip_mc_clear_src() in ip_mc_destroy_dev() was removed,\nbecause it was also called in igmpv3_clear_delrec().\n\nRough callgraph:\n\ninetdev_destroy\n-\u003e ip_mc_destroy_dev\n -\u003e igmpv3_clear_delrec\n -\u003e ip_mc_clear_src\n-\u003e RCU_INIT_POINTER(dev-\u003eip_ptr, NULL)\n\nHowever, ip_mc_clear_src() called in igmpv3_clear_delrec() doesn\u0027t\nrelease in_dev-\u003emc_list-\u003esources. And RCU_INIT_POINTER() assigns the\nNULL to dev-\u003eip_ptr. As a result, in_dev cannot be obtained through\ninetdev_by_index() and then in_dev-\u003emc_list-\u003esources cannot be released\nby ip_mc_del1_src() in the sock_close. Rough call sequence goes like:\n\nsock_close\n-\u003e __sock_release\n -\u003e inet_release\n -\u003e ip_mc_drop_socket\n -\u003e inetdev_by_index\n -\u003e ip_mc_leave_src\n -\u003e ip_mc_del_src\n -\u003e ip_mc_del1_src\n\nSo we still need to call ip_mc_clear_src() in ip_mc_destroy_dev() to free\nin_dev-\u003emc_list-\u003esources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47238",
"url": "https://www.suse.com/security/cve/CVE-2021-47238"
},
{
"category": "external",
"summary": "SUSE Bug 1224847 for CVE-2021-47238",
"url": "https://bugzilla.suse.com/1224847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47238"
},
{
"cve": "CVE-2021-47239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix possible use-after-free in smsc75xx_bind\n\nThe commit 46a8b29c6306 (\"net: usb: fix memory leak in smsc75xx_bind\")\nfails to clean up the work scheduled in smsc75xx_reset-\u003e\nsmsc75xx_set_multicast, which leads to use-after-free if the work is\nscheduled to start after the deallocation. In addition, this patch\nalso removes a dangling pointer - dev-\u003edata[0].\n\nThis patch calls cancel_work_sync to cancel the scheduled work and set\nthe dangling pointer to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47239",
"url": "https://www.suse.com/security/cve/CVE-2021-47239"
},
{
"category": "external",
"summary": "SUSE Bug 1224846 for CVE-2021-47239",
"url": "https://bugzilla.suse.com/1224846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47239"
},
{
"cve": "CVE-2021-47245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: synproxy: Fix out of bounds when parsing TCP options\n\nThe TCP option parser in synproxy (synproxy_parse_options) could read\none byte out of bounds. When the length is 1, the execution flow gets\ninto the loop, reads one byte of the opcode, and if the opcode is\nneither TCPOPT_EOL nor TCPOPT_NOP, it reads one more byte, which exceeds\nthe length of 1.\n\nThis fix is inspired by commit 9609dad263f8 (\"ipv4: tcp_input: fix stack\nout of bounds when parsing TCP options.\").\n\nv2 changes:\n\nAdded an early return when length \u003c 0 to avoid calling\nskb_header_pointer with negative length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47245",
"url": "https://www.suse.com/security/cve/CVE-2021-47245"
},
{
"category": "external",
"summary": "SUSE Bug 1224838 for CVE-2021-47245",
"url": "https://bugzilla.suse.com/1224838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47245"
},
{
"cve": "CVE-2021-47246",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47246"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix page reclaim for dead peer hairpin\n\nWhen adding a hairpin flow, a firmware-side send queue is created for\nthe peer net device, which claims some host memory pages for its\ninternal ring buffer. If the peer net device is removed/unbound before\nthe hairpin flow is deleted, then the send queue is not destroyed which\nleads to a stack trace on pci device remove:\n\n[ 748.005230] mlx5_core 0000:08:00.2: wait_func:1094:(pid 12985): MANAGE_PAGES(0x108) timeout. Will cause a leak of a command resource\n[ 748.005231] mlx5_core 0000:08:00.2: reclaim_pages:514:(pid 12985): failed reclaiming pages: err -110\n[ 748.001835] mlx5_core 0000:08:00.2: mlx5_reclaim_root_pages:653:(pid 12985): failed reclaiming pages (-110) for func id 0x0\n[ 748.002171] ------------[ cut here ]------------\n[ 748.001177] FW pages counter is 4 after reclaiming all pages\n[ 748.001186] WARNING: CPU: 1 PID: 12985 at drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c:685 mlx5_reclaim_startup_pages+0x34b/0x460 [mlx5_core] [ +0.002771] Modules linked in: cls_flower mlx5_ib mlx5_core ptp pps_core act_mirred sch_ingress openvswitch nsh xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_umad ib_ipoib iw_cm ib_cm ib_uverbs ib_core overlay fuse [last unloaded: pps_core]\n[ 748.007225] CPU: 1 PID: 12985 Comm: tee Not tainted 5.12.0+ #1\n[ 748.001376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 748.002315] RIP: 0010:mlx5_reclaim_startup_pages+0x34b/0x460 [mlx5_core]\n[ 748.001679] Code: 28 00 00 00 0f 85 22 01 00 00 48 81 c4 b0 00 00 00 31 c0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 48 c7 c7 40 cc 19 a1 e8 9f 71 0e e2 \u003c0f\u003e 0b e9 30 ff ff ff 48 c7 c7 a0 cc 19 a1 e8 8c 71 0e e2 0f 0b e9\n[ 748.003781] RSP: 0018:ffff88815220faf8 EFLAGS: 00010286\n[ 748.001149] RAX: 0000000000000000 RBX: ffff8881b4900280 RCX: 0000000000000000\n[ 748.001445] RDX: 0000000000000027 RSI: 0000000000000004 RDI: ffffed102a441f51\n[ 748.001614] RBP: 00000000000032b9 R08: 0000000000000001 R09: ffffed1054a15ee8\n[ 748.001446] R10: ffff8882a50af73b R11: ffffed1054a15ee7 R12: fffffbfff07c1e30\n[ 748.001447] R13: dffffc0000000000 R14: ffff8881b492cba8 R15: 0000000000000000\n[ 748.001429] FS: 00007f58bd08b580(0000) GS:ffff8882a5080000(0000) knlGS:0000000000000000\n[ 748.001695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 748.001309] CR2: 000055a026351740 CR3: 00000001d3b48006 CR4: 0000000000370ea0\n[ 748.001506] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 748.001483] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 748.001654] Call Trace:\n[ 748.000576] ? mlx5_satisfy_startup_pages+0x290/0x290 [mlx5_core]\n[ 748.001416] ? mlx5_cmd_teardown_hca+0xa2/0xd0 [mlx5_core]\n[ 748.001354] ? mlx5_cmd_init_hca+0x280/0x280 [mlx5_core]\n[ 748.001203] mlx5_function_teardown+0x30/0x60 [mlx5_core]\n[ 748.001275] mlx5_uninit_one+0xa7/0xc0 [mlx5_core]\n[ 748.001200] remove_one+0x5f/0xc0 [mlx5_core]\n[ 748.001075] pci_device_remove+0x9f/0x1d0\n[ 748.000833] device_release_driver_internal+0x1e0/0x490\n[ 748.001207] unbind_store+0x19f/0x200\n[ 748.000942] ? sysfs_file_ops+0x170/0x170\n[ 748.001000] kernfs_fop_write_iter+0x2bc/0x450\n[ 748.000970] new_sync_write+0x373/0x610\n[ 748.001124] ? new_sync_read+0x600/0x600\n[ 748.001057] ? lock_acquire+0x4d6/0x700\n[ 748.000908] ? lockdep_hardirqs_on_prepare+0x400/0x400\n[ 748.001126] ? fd_install+0x1c9/0x4d0\n[ 748.000951] vfs_write+0x4d0/0x800\n[ 748.000804] ksys_write+0xf9/0x1d0\n[ 748.000868] ? __x64_sys_read+0xb0/0xb0\n[ 748.000811] ? filp_open+0x50/0x50\n[ 748.000919] ? syscall_enter_from_user_mode+0x1d/0x50\n[ 748.001223] do_syscall_64+0x3f/0x80\n[ 748.000892] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 748.00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47246",
"url": "https://www.suse.com/security/cve/CVE-2021-47246"
},
{
"category": "external",
"summary": "SUSE Bug 1224831 for CVE-2021-47246",
"url": "https://bugzilla.suse.com/1224831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47246"
},
{
"cve": "CVE-2021-47248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: fix race between close() and udp_abort()\n\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\n\nWe can\u0027t easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\n\nDiagnosed-and-tested-by: Kaustubh Pandey \u003ckapandey@codeaurora.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47248",
"url": "https://www.suse.com/security/cve/CVE-2021-47248"
},
{
"category": "external",
"summary": "SUSE Bug 1224867 for CVE-2021-47248",
"url": "https://bugzilla.suse.com/1224867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47248"
},
{
"cve": "CVE-2021-47249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rds: fix memory leak in rds_recvmsg\n\nSyzbot reported memory leak in rds. The problem\nwas in unputted refcount in case of error.\n\nint rds_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,\n\t\tint msg_flags)\n{\n...\n\n\tif (!rds_next_incoming(rs, \u0026inc)) {\n\t\t...\n\t}\n\nAfter this \"if\" inc refcount incremented and\n\n\tif (rds_cmsg_recv(inc, msg, rs)) {\n\t\tret = -EFAULT;\n\t\tgoto out;\n\t}\n...\nout:\n\treturn ret;\n}\n\nin case of rds_cmsg_recv() fail the refcount won\u0027t be\ndecremented. And it\u0027s easy to see from ftrace log, that\nrds_inc_addref() don\u0027t have rds_inc_put() pair in\nrds_recvmsg() after rds_cmsg_recv()\n\n 1) | rds_recvmsg() {\n 1) 3.721 us | rds_inc_addref();\n 1) 3.853 us | rds_message_inc_copy_to_user();\n 1) + 10.395 us | rds_cmsg_recv();\n 1) + 34.260 us | }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47249",
"url": "https://www.suse.com/security/cve/CVE-2021-47249"
},
{
"category": "external",
"summary": "SUSE Bug 1224880 for CVE-2021-47249",
"url": "https://bugzilla.suse.com/1224880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47249"
},
{
"cve": "CVE-2021-47250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47250"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\n\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[\u003c00000000e67ed558\u003e] kmalloc include/linux/slab.h:590 [inline]\n[\u003c00000000e67ed558\u003e] kzalloc include/linux/slab.h:720 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[\u003c0000000006040154\u003e] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[\u003c00000000204d7a1c\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[\u003c00000000204d7a1c\u003e] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[\u003c00000000c0d6a995\u003e] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[\u003c00000000d78b9d2c\u003e] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[\u003c000000009733081b\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[\u003c000000009733081b\u003e] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[\u003c00000000d5fd43b8\u003e] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[\u003c000000000a2d1e40\u003e] sock_sendmsg_nosec net/socket.c:654 [inline]\n[\u003c000000000a2d1e40\u003e] sock_sendmsg+0x139/0x170 net/socket.c:674\n[\u003c00000000321d1969\u003e] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[\u003c00000000964e16bc\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[\u003c000000001615e288\u003e] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[\u003c000000004ee8b6a5\u003e] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[\u003c00000000171c7cee\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe memory of doi_def-\u003emap.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47250",
"url": "https://www.suse.com/security/cve/CVE-2021-47250"
},
{
"category": "external",
"summary": "SUSE Bug 1224827 for CVE-2021-47250",
"url": "https://bugzilla.suse.com/1224827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47250"
},
{
"cve": "CVE-2021-47252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Avoid WARN_ON timing related checks\n\nThe soft/batadv interface for a queued OGM can be changed during the time\nthe OGM was queued for transmission and when the OGM is actually\ntransmitted by the worker.\n\nBut WARN_ON must be used to denote kernel bugs and not to print simple\nwarnings. A warning can simply be printed using pr_warn.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47252",
"url": "https://www.suse.com/security/cve/CVE-2021-47252"
},
{
"category": "external",
"summary": "SUSE Bug 1224882 for CVE-2021-47252",
"url": "https://bugzilla.suse.com/1224882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47252"
},
{
"cve": "CVE-2021-47254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47254"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix use-after-free in gfs2_glock_shrink_scan\n\nThe GLF_LRU flag is checked under lru_lock in gfs2_glock_remove_from_lru() to\nremove the glock from the lru list in __gfs2_glock_put().\n\nOn the shrink scan path, the same flag is cleared under lru_lock but because\nof cond_resched_lock(\u0026lru_lock) in gfs2_dispose_glock_lru(), progress on the\nput side can be made without deleting the glock from the lru list.\n\nKeep GLF_LRU across the race window opened by cond_resched_lock(\u0026lru_lock) to\nensure correct behavior on both sides - clear GLF_LRU after list_del under\nlru_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47254",
"url": "https://www.suse.com/security/cve/CVE-2021-47254"
},
{
"category": "external",
"summary": "SUSE Bug 1224888 for CVE-2021-47254",
"url": "https://bugzilla.suse.com/1224888"
},
{
"category": "external",
"summary": "SUSE Bug 1227559 for CVE-2021-47254",
"url": "https://bugzilla.suse.com/1227559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47254"
},
{
"cve": "CVE-2021-47258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix error handling of scsi_host_alloc()\n\nAfter device is initialized via device_initialize(), or its name is set via\ndev_set_name(), the device has to be freed via put_device(). Otherwise\ndevice name will be leaked because it is allocated dynamically in\ndev_set_name().\n\nFix the leak by replacing kfree() with put_device(). Since\nscsi_host_dev_release() properly handles IDA and kthread removal, remove\nspecial-casing these from the error handling as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47258",
"url": "https://www.suse.com/security/cve/CVE-2021-47258"
},
{
"category": "external",
"summary": "SUSE Bug 1224899 for CVE-2021-47258",
"url": "https://bugzilla.suse.com/1224899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47258"
},
{
"cve": "CVE-2021-47260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47260"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a potential NULL dereference in nfs_get_client()\n\nNone of the callers are expecting NULL returns from nfs_get_client() so\nthis code will lead to an Oops. It\u0027s better to return an error\npointer. I expect that this is dead code so hopefully no one is\naffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47260",
"url": "https://www.suse.com/security/cve/CVE-2021-47260"
},
{
"category": "external",
"summary": "SUSE Bug 1224834 for CVE-2021-47260",
"url": "https://bugzilla.suse.com/1224834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47260"
},
{
"cve": "CVE-2021-47261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix initializing CQ fragments buffer\n\nThe function init_cq_frag_buf() can be called to initialize the current CQ\nfragments buffer cq-\u003ebuf, or the temporary cq-\u003eresize_buf that is filled\nduring CQ resize operation.\n\nHowever, the offending commit started to use function get_cqe() for\ngetting the CQEs, the issue with this change is that get_cqe() always\nreturns CQEs from cq-\u003ebuf, which leads us to initialize the wrong buffer,\nand in case of enlarging the CQ we try to access elements beyond the size\nof the current cq-\u003ebuf and eventually hit a kernel panic.\n\n [exception RIP: init_cq_frag_buf+103]\n [ffff9f799ddcbcd8] mlx5_ib_resize_cq at ffffffffc0835d60 [mlx5_ib]\n [ffff9f799ddcbdb0] ib_resize_cq at ffffffffc05270df [ib_core]\n [ffff9f799ddcbdc0] llt_rdma_setup_qp at ffffffffc0a6a712 [llt]\n [ffff9f799ddcbe10] llt_rdma_cc_event_action at ffffffffc0a6b411 [llt]\n [ffff9f799ddcbe98] llt_rdma_client_conn_thread at ffffffffc0a6bb75 [llt]\n [ffff9f799ddcbec8] kthread at ffffffffa66c5da1\n [ffff9f799ddcbf50] ret_from_fork_nospec_begin at ffffffffa6d95ddd\n\nFix it by getting the needed CQE by calling mlx5_frag_buf_get_wqe() that\ntakes the correct source buffer as a parameter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47261",
"url": "https://www.suse.com/security/cve/CVE-2021-47261"
},
{
"category": "external",
"summary": "SUSE Bug 1224954 for CVE-2021-47261",
"url": "https://bugzilla.suse.com/1224954"
},
{
"category": "external",
"summary": "SUSE Bug 1227751 for CVE-2021-47261",
"url": "https://bugzilla.suse.com/1227751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47261"
},
{
"cve": "CVE-2021-47265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47265"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: Verify port when creating flow rule\n\nValidate port value provided by the user and with that remove no longer\nneeded validation by the driver. The missing check in the mlx5_ib driver\ncould cause to the below oops.\n\nCall trace:\n _create_flow_rule+0x2d4/0xf28 [mlx5_ib]\n mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib]\n ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x150 [ib_uverbs]\n ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs]\n ib_uverbs_ioctl+0x158/0x1d0 [ib_uverbs]\n do_vfs_ioctl+0xd0/0xaf0\n ksys_ioctl+0x84/0xb4\n __arm64_sys_ioctl+0x28/0xc4\n el0_svc_common.constprop.3+0xa4/0x254\n el0_svc_handler+0x84/0xa0\n el0_svc+0x10/0x26c\n Code: b9401260 f9615681 51000400 8b001c20 (f9403c1a)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47265",
"url": "https://www.suse.com/security/cve/CVE-2021-47265"
},
{
"category": "external",
"summary": "SUSE Bug 1224957 for CVE-2021-47265",
"url": "https://bugzilla.suse.com/1224957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47265"
},
{
"cve": "CVE-2021-47269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47269"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: ep0: fix NULL pointer exception\n\nThere is no validation of the index from dwc3_wIndex_to_dep() and we might\nbe referring a non-existing ep and trigger a NULL pointer exception. In\ncertain configurations we might use fewer eps and the index might wrongly\nindicate a larger ep index than existing.\n\nBy adding this validation from the patch we can actually report a wrong\nindex back to the caller.\n\nIn our usecase we are using a composite device on an older kernel, but\nupstream might use this fix also. Unfortunately, I cannot describe the\nhardware for others to reproduce the issue as it is a proprietary\nimplementation.\n\n[ 82.958261] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a4\n[ 82.966891] Mem abort info:\n[ 82.969663] ESR = 0x96000006\n[ 82.972703] Exception class = DABT (current EL), IL = 32 bits\n[ 82.978603] SET = 0, FnV = 0\n[ 82.981642] EA = 0, S1PTW = 0\n[ 82.984765] Data abort info:\n[ 82.987631] ISV = 0, ISS = 0x00000006\n[ 82.991449] CM = 0, WnR = 0\n[ 82.994409] user pgtable: 4k pages, 39-bit VAs, pgdp = 00000000c6210ccc\n[ 83.000999] [00000000000000a4] pgd=0000000053aa5003, pud=0000000053aa5003, pmd=0000000000000000\n[ 83.009685] Internal error: Oops: 96000006 [#1] PREEMPT SMP\n[ 83.026433] Process irq/62-dwc3 (pid: 303, stack limit = 0x000000003985154c)\n[ 83.033470] CPU: 0 PID: 303 Comm: irq/62-dwc3 Not tainted 4.19.124 #1\n[ 83.044836] pstate: 60000085 (nZCv daIf -PAN -UAO)\n[ 83.049628] pc : dwc3_ep0_handle_feature+0x414/0x43c\n[ 83.054558] lr : dwc3_ep0_interrupt+0x3b4/0xc94\n\n...\n\n[ 83.141788] Call trace:\n[ 83.144227] dwc3_ep0_handle_feature+0x414/0x43c\n[ 83.148823] dwc3_ep0_interrupt+0x3b4/0xc94\n[ 83.181546] ---[ end trace aac6b5267d84c32f ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47269",
"url": "https://www.suse.com/security/cve/CVE-2021-47269"
},
{
"category": "external",
"summary": "SUSE Bug 1224996 for CVE-2021-47269",
"url": "https://bugzilla.suse.com/1224996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47269"
},
{
"cve": "CVE-2021-47274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47274"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Correct the length check which causes memory corruption\n\nWe\u0027ve suffered from severe kernel crashes due to memory corruption on\nour production environment, like,\n\nCall Trace:\n[1640542.554277] general protection fault: 0000 [#1] SMP PTI\n[1640542.554856] CPU: 17 PID: 26996 Comm: python Kdump: loaded Tainted:G\n[1640542.556629] RIP: 0010:kmem_cache_alloc+0x90/0x190\n[1640542.559074] RSP: 0018:ffffb16faa597df8 EFLAGS: 00010286\n[1640542.559587] RAX: 0000000000000000 RBX: 0000000000400200 RCX:\n0000000006e931bf\n[1640542.560323] RDX: 0000000006e931be RSI: 0000000000400200 RDI:\nffff9a45ff004300\n[1640542.560996] RBP: 0000000000400200 R08: 0000000000023420 R09:\n0000000000000000\n[1640542.561670] R10: 0000000000000000 R11: 0000000000000000 R12:\nffffffff9a20608d\n[1640542.562366] R13: ffff9a45ff004300 R14: ffff9a45ff004300 R15:\n696c662f65636976\n[1640542.563128] FS: 00007f45d7c6f740(0000) GS:ffff9a45ff840000(0000)\nknlGS:0000000000000000\n[1640542.563937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1640542.564557] CR2: 00007f45d71311a0 CR3: 000000189d63e004 CR4:\n00000000003606e0\n[1640542.565279] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[1640542.566069] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[1640542.566742] Call Trace:\n[1640542.567009] anon_vma_clone+0x5d/0x170\n[1640542.567417] __split_vma+0x91/0x1a0\n[1640542.567777] do_munmap+0x2c6/0x320\n[1640542.568128] vm_munmap+0x54/0x70\n[1640542.569990] __x64_sys_munmap+0x22/0x30\n[1640542.572005] do_syscall_64+0x5b/0x1b0\n[1640542.573724] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[1640542.575642] RIP: 0033:0x7f45d6e61e27\n\nJames Wang has reproduced it stably on the latest 4.19 LTS.\nAfter some debugging, we finally proved that it\u0027s due to ftrace\nbuffer out-of-bound access using a debug tool as follows:\n[ 86.775200] BUG: Out-of-bounds write at addr 0xffff88aefe8b7000\n[ 86.780806] no_context+0xdf/0x3c0\n[ 86.784327] __do_page_fault+0x252/0x470\n[ 86.788367] do_page_fault+0x32/0x140\n[ 86.792145] page_fault+0x1e/0x30\n[ 86.795576] strncpy_from_unsafe+0x66/0xb0\n[ 86.799789] fetch_memory_string+0x25/0x40\n[ 86.804002] fetch_deref_string+0x51/0x60\n[ 86.808134] kprobe_trace_func+0x32d/0x3a0\n[ 86.812347] kprobe_dispatcher+0x45/0x50\n[ 86.816385] kprobe_ftrace_handler+0x90/0xf0\n[ 86.820779] ftrace_ops_assist_func+0xa1/0x140\n[ 86.825340] 0xffffffffc00750bf\n[ 86.828603] do_sys_open+0x5/0x1f0\n[ 86.832124] do_syscall_64+0x5b/0x1b0\n[ 86.835900] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\ncommit b220c049d519 (\"tracing: Check length before giving out\nthe filter buffer\") adds length check to protect trace data\noverflow introduced in 0fc1b09ff1ff, seems that this fix can\u0027t prevent\noverflow entirely, the length check should also take the sizeof\nentry-\u003earray[0] into account, since this array[0] is filled the\nlength of trace data and occupy addtional space and risk overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47274",
"url": "https://www.suse.com/security/cve/CVE-2021-47274"
},
{
"category": "external",
"summary": "SUSE Bug 1224990 for CVE-2021-47274",
"url": "https://bugzilla.suse.com/1224990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47274"
},
{
"cve": "CVE-2021-47276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47276"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Do not blindly read the ip address in ftrace_bug()\n\nIt was reported that a bug on arm64 caused a bad ip address to be used for\nupdating into a nop in ftrace_init(), but the error path (rightfully)\nreturned -EINVAL and not -EFAULT, as the bug caused more than one error to\noccur. But because -EINVAL was returned, the ftrace_bug() tried to report\nwhat was at the location of the ip address, and read it directly. This\ncaused the machine to panic, as the ip was not pointing to a valid memory\naddress.\n\nInstead, read the ip address with copy_from_kernel_nofault() to safely\naccess the memory, and if it faults, report that the address faulted,\notherwise report what was in that location.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47276",
"url": "https://www.suse.com/security/cve/CVE-2021-47276"
},
{
"category": "external",
"summary": "SUSE Bug 1224966 for CVE-2021-47276",
"url": "https://bugzilla.suse.com/1224966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47276"
},
{
"cve": "CVE-2021-47277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47277"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkvm: avoid speculation-based attacks from out-of-range memslot accesses\n\nKVM\u0027s mechanism for accessing guest memory translates a guest physical\naddress (gpa) to a host virtual address using the right-shifted gpa\n(also known as gfn) and a struct kvm_memory_slot. The translation is\nperformed in __gfn_to_hva_memslot using the following formula:\n\n hva = slot-\u003euserspace_addr + (gfn - slot-\u003ebase_gfn) * PAGE_SIZE\n\nIt is expected that gfn falls within the boundaries of the guest\u0027s\nphysical memory. However, a guest can access invalid physical addresses\nin such a way that the gfn is invalid.\n\n__gfn_to_hva_memslot is called from kvm_vcpu_gfn_to_hva_prot, which first\nretrieves a memslot through __gfn_to_memslot. While __gfn_to_memslot\ndoes check that the gfn falls within the boundaries of the guest\u0027s\nphysical memory or not, a CPU can speculate the result of the check and\ncontinue execution speculatively using an illegal gfn. The speculation\ncan result in calculating an out-of-bounds hva. If the resulting host\nvirtual address is used to load another guest physical address, this\nis effectively a Spectre gadget consisting of two consecutive reads,\nthe second of which is data dependent on the first.\n\nRight now it\u0027s not clear if there are any cases in which this is\nexploitable. One interesting case was reported by the original author\nof this patch, and involves visiting guest page tables on x86. Right\nnow these are not vulnerable because the hva read goes through get_user(),\nwhich contains an LFENCE speculation barrier. However, there are\npatches in progress for x86 uaccess.h to mask kernel addresses instead of\nusing LFENCE; once these land, a guest could use speculation to read\nfrom the VMM\u0027s ring 3 address space. Other architectures such as ARM\nalready use the address masking method, and would be susceptible to\nthis same kind of data-dependent access gadgets. Therefore, this patch\nproactively protects from these attacks by masking out-of-bounds gfns\nin __gfn_to_hva_memslot, which blocks speculation of invalid hvas.\n\nSean Christopherson noted that this patch does not cover\nkvm_read_guest_offset_cached. This however is limited to a few bytes\npast the end of the cache, and therefore it is unlikely to be useful in\nthe context of building a chain of data dependent accesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47277",
"url": "https://www.suse.com/security/cve/CVE-2021-47277"
},
{
"category": "external",
"summary": "SUSE Bug 1224960 for CVE-2021-47277",
"url": "https://bugzilla.suse.com/1224960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47277"
},
{
"cve": "CVE-2021-47280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47280"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Fix use-after-free read in drm_getunique()\n\nThere is a time-of-check-to-time-of-use error in drm_getunique() due\nto retrieving file_priv-\u003emaster prior to locking the device\u0027s master\nmutex.\n\nAn example can be seen in the crash report of the use-after-free error\nfound by Syzbot:\nhttps://syzkaller.appspot.com/bug?id=148d2f1dfac64af52ffd27b661981a540724f803\n\nIn the report, the master pointer was used after being freed. This is\nbecause another process had acquired the device\u0027s master mutex in\ndrm_setmaster_ioctl(), then overwrote fpriv-\u003emaster in\ndrm_new_set_master(). The old value of fpriv-\u003emaster was subsequently\nfreed before the mutex was unlocked.\n\nTo fix this, we lock the device\u0027s master mutex before retrieving the\npointer from from fpriv-\u003emaster. This patch passes the Syzbot\nreproducer test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47280",
"url": "https://www.suse.com/security/cve/CVE-2021-47280"
},
{
"category": "external",
"summary": "SUSE Bug 1224982 for CVE-2021-47280",
"url": "https://bugzilla.suse.com/1224982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47280"
},
{
"cve": "CVE-2021-47281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47281"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: seq: Fix race of snd_seq_timer_open()\n\nThe timer instance per queue is exclusive, and snd_seq_timer_open()\nshould have managed the concurrent accesses. It looks as if it\u0027s\nchecking the already existing timer instance at the beginning, but\nit\u0027s not right, because there is no protection, hence any later\nconcurrent call of snd_seq_timer_open() may override the timer\ninstance easily. This may result in UAF, as the leftover timer\ninstance can keep running while the queue itself gets closed, as\nspotted by syzkaller recently.\n\nFor avoiding the race, add a proper check at the assignment of\ntmr-\u003etimeri again, and return -EBUSY if it\u0027s been already registered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47281",
"url": "https://www.suse.com/security/cve/CVE-2021-47281"
},
{
"category": "external",
"summary": "SUSE Bug 1224983 for CVE-2021-47281",
"url": "https://bugzilla.suse.com/1224983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47281"
},
{
"cve": "CVE-2021-47284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: netjet: Fix crash in nj_probe:\n\n\u0027nj_setup\u0027 in netjet.c might fail with -EIO and in this case\n\u0027card-\u003eirq\u0027 is initialized and is bigger than zero. A subsequent call to\n\u0027nj_release\u0027 will free the irq that has not been requested.\n\nFix this bug by deleting the previous assignment to \u0027card-\u003eirq\u0027 and just\nkeep the assignment before \u0027request_irq\u0027.\n\nThe KASAN\u0027s log reveals it:\n\n[ 3.354615 ] WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826\nfree_irq+0x100/0x480\n[ 3.355112 ] Modules linked in:\n[ 3.355310 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.355816 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.356552 ] RIP: 0010:free_irq+0x100/0x480\n[ 3.356820 ] Code: 6e 08 74 6f 4d 89 f4 e8 5e ac 09 00 4d 8b 74 24 18\n4d 85 f6 75 e3 e8 4f ac 09 00 8b 75 c8 48 c7 c7 78 c1 2e 85 e8 e0 cf f5\nff \u003c0f\u003e 0b 48 8b 75 c0 4c 89 ff e8 72 33 0b 03 48 8b 43 40 4c 8b a0 80\n[ 3.358012 ] RSP: 0000:ffffc90000017b48 EFLAGS: 00010082\n[ 3.358357 ] RAX: 0000000000000000 RBX: ffff888104dc8000 RCX:\n0000000000000000\n[ 3.358814 ] RDX: ffff8881003c8000 RSI: ffffffff8124a9e6 RDI:\n00000000ffffffff\n[ 3.359272 ] RBP: ffffc90000017b88 R08: 0000000000000000 R09:\n0000000000000000\n[ 3.359732 ] R10: ffffc900000179f0 R11: 0000000000001d04 R12:\n0000000000000000\n[ 3.360195 ] R13: ffff888107dc6000 R14: ffff888107dc6928 R15:\nffff888104dc80a8\n[ 3.360652 ] FS: 0000000000000000(0000) GS:ffff88817bc00000(0000)\nknlGS:0000000000000000\n[ 3.361170 ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.361538 ] CR2: 0000000000000000 CR3: 000000000582e000 CR4:\n00000000000006f0\n[ 3.362003 ] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 3.362175 ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] nj_release+0x51/0x1e0\n[ 3.362175 ] nj_probe+0x450/0x950\n[ 3.362175 ] ? pci_device_remove+0x110/0x110\n[ 3.362175 ] local_pci_probe+0x45/0xa0\n[ 3.362175 ] pci_device_probe+0x12b/0x1d0\n[ 3.362175 ] really_probe+0x2a9/0x610\n[ 3.362175 ] driver_probe_device+0x90/0x1d0\n[ 3.362175 ] ? mutex_lock_nested+0x1b/0x20\n[ 3.362175 ] device_driver_attach+0x68/0x70\n[ 3.362175 ] __driver_attach+0x124/0x1b0\n[ 3.362175 ] ? device_driver_attach+0x70/0x70\n[ 3.362175 ] bus_for_each_dev+0xbb/0x110\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] driver_attach+0x27/0x30\n[ 3.362175 ] bus_add_driver+0x1eb/0x2a0\n[ 3.362175 ] driver_register+0xa9/0x180\n[ 3.362175 ] __pci_register_driver+0x82/0x90\n[ 3.362175 ] ? w6692_init+0x38/0x38\n[ 3.362175 ] nj_init+0x36/0x38\n[ 3.362175 ] do_one_initcall+0x7f/0x3d0\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] ? rcu_read_lock_sched_held+0x4f/0x80\n[ 3.362175 ] kernel_init_freeable+0x2aa/0x301\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] kernel_init+0x18/0x190\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ret_from_fork+0x1f/0x30\n[ 3.362175 ] Kernel panic - not syncing: panic_on_warn set ...\n[ 3.362175 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.362175 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] dump_stack+0xba/0xf5\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] panic+0x15a/0x3f2\n[ 3.362175 ] ? __warn+0xf2/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] __warn+0x108/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] report_bug+0x119/0x1c0\n[ 3.362175 ] handle_bug+0x3b/0x80\n[ 3.362175 ] exc_invalid_op+0x18/0x70\n[ 3.362175 ] asm_exc_invalid_op+0x12/0x20\n[ 3.362175 ] RIP: 0010:free_irq+0x100\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47284",
"url": "https://www.suse.com/security/cve/CVE-2021-47284"
},
{
"category": "external",
"summary": "SUSE Bug 1224987 for CVE-2021-47284",
"url": "https://bugzilla.suse.com/1224987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47284"
},
{
"cve": "CVE-2021-47285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47285"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47285",
"url": "https://www.suse.com/security/cve/CVE-2021-47285"
},
{
"category": "external",
"summary": "SUSE Bug 1224981 for CVE-2021-47285",
"url": "https://bugzilla.suse.com/1224981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47285"
},
{
"cve": "CVE-2021-47288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47288"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()\n\nFix an 11-year old bug in ngene_command_config_free_buf() while\naddressing the following warnings caught with -Warray-bounds:\n\narch/alpha/include/asm/string.h:22:16: warning: \u0027__builtin_memcpy\u0027 offset [12, 16] from the object at \u0027com\u0027 is out of the bounds of referenced subobject \u0027config\u0027 with type \u0027unsigned char\u0027 at offset 10 [-Warray-bounds]\narch/x86/include/asm/string_32.h:182:25: warning: \u0027__builtin_memcpy\u0027 offset [12, 16] from the object at \u0027com\u0027 is out of the bounds of referenced subobject \u0027config\u0027 with type \u0027unsigned char\u0027 at offset 10 [-Warray-bounds]\n\nThe problem is that the original code is trying to copy 6 bytes of\ndata into a one-byte size member _config_ of the wrong structue\nFW_CONFIGURE_BUFFERS, in a single call to memcpy(). This causes a\nlegitimate compiler warning because memcpy() overruns the length\nof \u0026com.cmd.ConfigureBuffers.config. It seems that the right\nstructure is FW_CONFIGURE_FREE_BUFFERS, instead, because it contains\n6 more members apart from the header _hdr_. Also, the name of\nthe function ngene_command_config_free_buf() suggests that the actual\nintention is to ConfigureFreeBuffers, instead of ConfigureBuffers\n(which takes place in the function ngene_command_config_buf(), above).\n\nFix this by enclosing those 6 members of struct FW_CONFIGURE_FREE_BUFFERS\ninto new struct config, and use \u0026com.cmd.ConfigureFreeBuffers.config as\nthe destination address, instead of \u0026com.cmd.ConfigureBuffers.config,\nwhen calling memcpy().\n\nThis also helps with the ongoing efforts to globally enable\n-Warray-bounds and get us closer to being able to tighten the\nFORTIFY_SOURCE routines on memcpy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47288",
"url": "https://www.suse.com/security/cve/CVE-2021-47288"
},
{
"category": "external",
"summary": "SUSE Bug 1224889 for CVE-2021-47288",
"url": "https://bugzilla.suse.com/1224889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47288"
},
{
"cve": "CVE-2021-47301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix use-after-free error during reset\n\nCleans the next descriptor to watch (next_to_watch) when cleaning the\nTX ring.\n\nFailure to do so can cause invalid memory accesses. If igb_poll() runs\nwhile the controller is reset this can lead to the driver try to free\na skb that was already freed.\n\n(The crash is harder to reproduce with the igb driver, but the same\npotential problem exists as the code is identical to igc)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47301",
"url": "https://www.suse.com/security/cve/CVE-2021-47301"
},
{
"category": "external",
"summary": "SUSE Bug 1224916 for CVE-2021-47301",
"url": "https://bugzilla.suse.com/1224916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47301"
},
{
"cve": "CVE-2021-47302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: Fix use-after-free error during reset\n\nCleans the next descriptor to watch (next_to_watch) when cleaning the\nTX ring.\n\nFailure to do so can cause invalid memory accesses. If igc_poll() runs\nwhile the controller is being reset this can lead to the driver try to\nfree a skb that was already freed.\n\nLog message:\n\n [ 101.525242] refcount_t: underflow; use-after-free.\n [ 101.525251] WARNING: CPU: 1 PID: 646 at lib/refcount.c:28 refcount_warn_saturate+0xab/0xf0\n [ 101.525259] Modules linked in: sch_etf(E) sch_mqprio(E) rfkill(E) intel_rapl_msr(E) intel_rapl_common(E)\n x86_pkg_temp_thermal(E) intel_powerclamp(E) coretemp(E) binfmt_misc(E) kvm_intel(E) kvm(E) irqbypass(E) crc32_pclmul(E)\n ghash_clmulni_intel(E) aesni_intel(E) mei_wdt(E) libaes(E) crypto_simd(E) cryptd(E) glue_helper(E) snd_hda_codec_hdmi(E)\n rapl(E) intel_cstate(E) snd_hda_intel(E) snd_intel_dspcfg(E) sg(E) soundwire_intel(E) intel_uncore(E) at24(E)\n soundwire_generic_allocation(E) iTCO_wdt(E) soundwire_cadence(E) intel_pmc_bxt(E) serio_raw(E) snd_hda_codec(E)\n iTCO_vendor_support(E) watchdog(E) snd_hda_core(E) snd_hwdep(E) snd_soc_core(E) snd_compress(E) snd_pcsp(E)\n soundwire_bus(E) snd_pcm(E) evdev(E) snd_timer(E) mei_me(E) snd(E) soundcore(E) mei(E) configfs(E) ip_tables(E) x_tables(E)\n autofs4(E) ext4(E) crc32c_generic(E) crc16(E) mbcache(E) jbd2(E) sd_mod(E) t10_pi(E) crc_t10dif(E) crct10dif_generic(E)\n i915(E) ahci(E) libahci(E) ehci_pci(E) igb(E) xhci_pci(E) ehci_hcd(E)\n [ 101.525303] drm_kms_helper(E) dca(E) xhci_hcd(E) libata(E) crct10dif_pclmul(E) cec(E) crct10dif_common(E) tsn(E) igc(E)\n e1000e(E) ptp(E) i2c_i801(E) crc32c_intel(E) psmouse(E) i2c_algo_bit(E) i2c_smbus(E) scsi_mod(E) lpc_ich(E) pps_core(E)\n usbcore(E) drm(E) button(E) video(E)\n [ 101.525318] CPU: 1 PID: 646 Comm: irq/37-enp7s0-T Tainted: G E 5.10.30-rt37-tsn1-rt-ipipe #ipipe\n [ 101.525320] Hardware name: SIEMENS AG SIMATIC IPC427D/A5E31233588, BIOS V17.02.09 03/31/2017\n [ 101.525322] RIP: 0010:refcount_warn_saturate+0xab/0xf0\n [ 101.525325] Code: 05 31 48 44 01 01 e8 f0 c6 42 00 0f 0b c3 80 3d 1f 48 44 01 00 75 90 48 c7 c7 78 a8 f3 a6 c6 05 0f 48\n 44 01 01 e8 d1 c6 42 00 \u003c0f\u003e 0b c3 80 3d fe 47 44 01 00 0f 85 6d ff ff ff 48 c7 c7 d0 a8 f3\n [ 101.525327] RSP: 0018:ffffbdedc0917cb8 EFLAGS: 00010286\n [ 101.525329] RAX: 0000000000000000 RBX: ffff98fd6becbf40 RCX: 0000000000000001\n [ 101.525330] RDX: 0000000000000001 RSI: ffffffffa6f2700c RDI: 00000000ffffffff\n [ 101.525332] RBP: ffff98fd6becc14c R08: ffffffffa7463d00 R09: ffffbdedc0917c50\n [ 101.525333] R10: ffffffffa74c3578 R11: 0000000000000034 R12: 00000000ffffff00\n [ 101.525335] R13: ffff98fd6b0b1000 R14: 0000000000000039 R15: ffff98fd6be35c40\n [ 101.525337] FS: 0000000000000000(0000) GS:ffff98fd6e240000(0000) knlGS:0000000000000000\n [ 101.525339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 101.525341] CR2: 00007f34135a3a70 CR3: 0000000150210003 CR4: 00000000001706e0\n [ 101.525343] Call Trace:\n [ 101.525346] sock_wfree+0x9c/0xa0\n [ 101.525353] unix_destruct_scm+0x7b/0xa0\n [ 101.525358] skb_release_head_state+0x40/0x90\n [ 101.525362] skb_release_all+0xe/0x30\n [ 101.525364] napi_consume_skb+0x57/0x160\n [ 101.525367] igc_poll+0xb7/0xc80 [igc]\n [ 101.525376] ? sched_clock+0x5/0x10\n [ 101.525381] ? sched_clock_cpu+0xe/0x100\n [ 101.525385] net_rx_action+0x14c/0x410\n [ 101.525388] __do_softirq+0xe9/0x2f4\n [ 101.525391] __local_bh_enable_ip+0xe3/0x110\n [ 101.525395] ? irq_finalize_oneshot.part.47+0xe0/0xe0\n [ 101.525398] irq_forced_thread_fn+0x6a/0x80\n [ 101.525401] irq_thread+0xe8/0x180\n [ 101.525403] ? wake_threads_waitq+0x30/0x30\n [ 101.525406] ? irq_thread_check_affinity+0xd0/0xd0\n [ 101.525408] kthread+0x183/0x1a0\n [ 101.525412] ? kthread_park+0x80/0x80\n [ 101.525415] ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47302",
"url": "https://www.suse.com/security/cve/CVE-2021-47302"
},
{
"category": "external",
"summary": "SUSE Bug 1224917 for CVE-2021-47302",
"url": "https://bugzilla.suse.com/1224917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47302"
},
{
"cve": "CVE-2021-47305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47305"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sync_file: Don\u0027t leak fences on merge failure\n\nEach add_fence() call does a dma_fence_get() on the relevant fence. In\nthe error path, we weren\u0027t calling dma_fence_put() so all those fences\ngot leaked. Also, in the krealloc_array failure case, we weren\u0027t\nfreeing the fences array. Instead, ensure that i and fences are always\nzero-initialized and dma_fence_put() all the fences and kfree(fences) on\nevery error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47305",
"url": "https://www.suse.com/security/cve/CVE-2021-47305"
},
{
"category": "external",
"summary": "SUSE Bug 1224968 for CVE-2021-47305",
"url": "https://bugzilla.suse.com/1224968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47305"
},
{
"cve": "CVE-2021-47307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL deref in cifs_compose_mount_options()\n\nThe optional @ref parameter might contain an NULL node_name, so\nprevent dereferencing it in cifs_compose_mount_options().\n\nAddresses-Coverity: 1476408 (\"Explicit null dereferenced\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47307",
"url": "https://www.suse.com/security/cve/CVE-2021-47307"
},
{
"category": "external",
"summary": "SUSE Bug 1224961 for CVE-2021-47307",
"url": "https://bugzilla.suse.com/1224961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47307"
},
{
"cve": "CVE-2021-47308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47308"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix array index out of bound exception\n\nFix array index out of bound exception in fc_rport_prli_resp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47308",
"url": "https://www.suse.com/security/cve/CVE-2021-47308"
},
{
"category": "external",
"summary": "SUSE Bug 1224963 for CVE-2021-47308",
"url": "https://bugzilla.suse.com/1224963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47308"
},
{
"cve": "CVE-2021-47310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47310"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ti: fix UAF in tlan_remove_one\n\npriv is netdev private data and it cannot be\nused after free_netdev() call. Using priv after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47310",
"url": "https://www.suse.com/security/cve/CVE-2021-47310"
},
{
"category": "external",
"summary": "SUSE Bug 1224959 for CVE-2021-47310",
"url": "https://bugzilla.suse.com/1224959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47310"
},
{
"cve": "CVE-2021-47311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47311"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qcom/emac: fix UAF in emac_remove\n\nadpt is netdev private data and it cannot be\nused after free_netdev() call. Using adpt after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47311",
"url": "https://www.suse.com/security/cve/CVE-2021-47311"
},
{
"category": "external",
"summary": "SUSE Bug 1225010 for CVE-2021-47311",
"url": "https://bugzilla.suse.com/1225010"
},
{
"category": "external",
"summary": "SUSE Bug 1227752 for CVE-2021-47311",
"url": "https://bugzilla.suse.com/1227752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47311"
},
{
"cve": "CVE-2021-47314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47314"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: fsl_ifc: fix leak of private memory on probe failure\n\nOn probe error the driver should free the memory allocated for private\nstructure. Fix this by using resource-managed allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47314",
"url": "https://www.suse.com/security/cve/CVE-2021-47314"
},
{
"category": "external",
"summary": "SUSE Bug 1224893 for CVE-2021-47314",
"url": "https://bugzilla.suse.com/1224893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47314"
},
{
"cve": "CVE-2021-47315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47315"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: fsl_ifc: fix leak of IO mapping on probe failure\n\nOn probe error the driver should unmap the IO memory. Smatch reports:\n\n drivers/memory/fsl_ifc.c:298 fsl_ifc_ctrl_probe() warn: \u0027fsl_ifc_ctrl_dev-\u003egregs\u0027 not released on lines: 298.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47315",
"url": "https://www.suse.com/security/cve/CVE-2021-47315"
},
{
"category": "external",
"summary": "SUSE Bug 1224892 for CVE-2021-47315",
"url": "https://bugzilla.suse.com/1224892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47315"
},
{
"cve": "CVE-2021-47319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47319"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: Fix memory leak among suspend/resume procedure\n\nThe vblk-\u003evqs should be freed before we call init_vqs()\nin virtblk_restore().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47319",
"url": "https://www.suse.com/security/cve/CVE-2021-47319"
},
{
"category": "external",
"summary": "SUSE Bug 1225054 for CVE-2021-47319",
"url": "https://bugzilla.suse.com/1225054"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47319"
},
{
"cve": "CVE-2021-47320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix acl memory leak of posix_acl_create()\n\nWhen looking into another nfs xfstests report, I found acl and\ndefault_acl in nfs3_proc_create() and nfs3_proc_mknod() error\npaths are possibly leaked. Fix them in advance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47320",
"url": "https://www.suse.com/security/cve/CVE-2021-47320"
},
{
"category": "external",
"summary": "SUSE Bug 1225058 for CVE-2021-47320",
"url": "https://bugzilla.suse.com/1225058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47320"
},
{
"cve": "CVE-2021-47321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47321"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: Fix possible use-after-free by calling del_timer_sync()\n\nThis driver\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47321",
"url": "https://www.suse.com/security/cve/CVE-2021-47321"
},
{
"category": "external",
"summary": "SUSE Bug 1225060 for CVE-2021-47321",
"url": "https://bugzilla.suse.com/1225060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47321"
},
{
"cve": "CVE-2021-47323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47323"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47323",
"url": "https://www.suse.com/security/cve/CVE-2021-47323"
},
{
"category": "external",
"summary": "SUSE Bug 1225026 for CVE-2021-47323",
"url": "https://bugzilla.suse.com/1225026"
},
{
"category": "external",
"summary": "SUSE Bug 1227557 for CVE-2021-47323",
"url": "https://bugzilla.suse.com/1227557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47323"
},
{
"cve": "CVE-2021-47324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: Fix possible use-after-free in wdt_startup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47324",
"url": "https://www.suse.com/security/cve/CVE-2021-47324"
},
{
"category": "external",
"summary": "SUSE Bug 1225030 for CVE-2021-47324",
"url": "https://bugzilla.suse.com/1225030"
},
{
"category": "external",
"summary": "SUSE Bug 1225038 for CVE-2021-47324",
"url": "https://bugzilla.suse.com/1225038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47324"
},
{
"cve": "CVE-2021-47330",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47330"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: 8250: serial_cs: Fix a memory leak in error handling path\n\nIn the probe function, if the final \u0027serial_config()\u0027 fails, \u0027info\u0027 is\nleaking.\n\nAdd a resource handling path to free this memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47330",
"url": "https://www.suse.com/security/cve/CVE-2021-47330"
},
{
"category": "external",
"summary": "SUSE Bug 1225084 for CVE-2021-47330",
"url": "https://bugzilla.suse.com/1225084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47330"
},
{
"cve": "CVE-2021-47334",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47334"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/libmasm/module: Fix two use after free in ibmasm_init_one\n\nIn ibmasm_init_one, it calls ibmasm_init_remote_input_dev().\nInside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are\nallocated by input_allocate_device(), and assigned to\nsp-\u003eremote.mouse_dev and sp-\u003eremote.keybd_dev respectively.\n\nIn the err_free_devices error branch of ibmasm_init_one,\nmouse_dev and keybd_dev are freed by input_free_device(), and return\nerror. Then the execution runs into error_send_message error branch\nof ibmasm_init_one, where ibmasm_free_remote_input_dev(sp) is called\nto unregister the freed sp-\u003eremote.mouse_dev and sp-\u003eremote.keybd_dev.\n\nMy patch add a \"error_init_remote\" label to handle the error of\nibmasm_init_remote_input_dev(), to avoid the uaf bugs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47334",
"url": "https://www.suse.com/security/cve/CVE-2021-47334"
},
{
"category": "external",
"summary": "SUSE Bug 1225112 for CVE-2021-47334",
"url": "https://bugzilla.suse.com/1225112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47334"
},
{
"cve": "CVE-2021-47337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47337"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix bad pointer dereference when ehandler kthread is invalid\n\nCommit 66a834d09293 (\"scsi: core: Fix error handling of scsi_host_alloc()\")\nchanged the allocation logic to call put_device() to perform host cleanup\nwith the assumption that IDA removal and stopping the kthread would\nproperly be performed in scsi_host_dev_release(). However, in the unlikely\ncase that the error handler thread fails to spawn, shost-\u003eehandler is set\nto ERR_PTR(-ENOMEM).\n\nThe error handler cleanup code in scsi_host_dev_release() will call\nkthread_stop() if shost-\u003eehandler != NULL which will always be the case\nwhether the kthread was successfully spawned or not. In the case that it\nfailed to spawn this has the nasty side effect of trying to dereference an\ninvalid pointer when kthread_stop() is called. The following splat provides\nan example of this behavior in the wild:\n\nscsi host11: error handler thread failed to spawn, error = -4\nKernel attempted to read user page (10c) - exploit attempt? (uid: 0)\nBUG: Kernel NULL pointer dereference on read at 0x0000010c\nFaulting instruction address: 0xc00000000818e9a8\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: ibmvscsi(+) scsi_transport_srp dm_multipath dm_mirror dm_region\n hash dm_log dm_mod fuse overlay squashfs loop\nCPU: 12 PID: 274 Comm: systemd-udevd Not tainted 5.13.0-rc7 #1\nNIP: c00000000818e9a8 LR: c0000000089846e8 CTR: 0000000000007ee8\nREGS: c000000037d12ea0 TRAP: 0300 Not tainted (5.13.0-rc7)\nMSR: 800000000280b033 \u0026lt;SF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u0026gt; CR: 28228228\nXER: 20040001\nCFAR: c0000000089846e4 DAR: 000000000000010c DSISR: 40000000 IRQMASK: 0\nGPR00: c0000000089846e8 c000000037d13140 c000000009cc1100 fffffffffffffffc\nGPR04: 0000000000000001 0000000000000000 0000000000000000 c000000037dc0000\nGPR08: 0000000000000000 c000000037dc0000 0000000000000001 00000000fffff7ff\nGPR12: 0000000000008000 c00000000a049000 c000000037d13d00 000000011134d5a0\nGPR16: 0000000000001740 c0080000190d0000 c0080000190d1740 c000000009129288\nGPR20: c000000037d13bc0 0000000000000001 c000000037d13bc0 c0080000190b7898\nGPR24: c0080000190b7708 0000000000000000 c000000033bb2c48 0000000000000000\nGPR28: c000000046b28280 0000000000000000 000000000000010c fffffffffffffffc\nNIP [c00000000818e9a8] kthread_stop+0x38/0x230\nLR [c0000000089846e8] scsi_host_dev_release+0x98/0x160\nCall Trace:\n[c000000033bb2c48] 0xc000000033bb2c48 (unreliable)\n[c0000000089846e8] scsi_host_dev_release+0x98/0x160\n[c00000000891e960] device_release+0x60/0x100\n[c0000000087e55c4] kobject_release+0x84/0x210\n[c00000000891ec78] put_device+0x28/0x40\n[c000000008984ea4] scsi_host_alloc+0x314/0x430\n[c0080000190b38bc] ibmvscsi_probe+0x54/0xad0 [ibmvscsi]\n[c000000008110104] vio_bus_probe+0xa4/0x4b0\n[c00000000892a860] really_probe+0x140/0x680\n[c00000000892aefc] driver_probe_device+0x15c/0x200\n[c00000000892b63c] device_driver_attach+0xcc/0xe0\n[c00000000892b740] __driver_attach+0xf0/0x200\n[c000000008926f28] bus_for_each_dev+0xa8/0x130\n[c000000008929ce4] driver_attach+0x34/0x50\n[c000000008928fc0] bus_add_driver+0x1b0/0x300\n[c00000000892c798] driver_register+0x98/0x1a0\n[c00000000810eb60] __vio_register_driver+0x80/0xe0\n[c0080000190b4a30] ibmvscsi_module_init+0x9c/0xdc [ibmvscsi]\n[c0000000080121d0] do_one_initcall+0x60/0x2d0\n[c000000008261abc] do_init_module+0x7c/0x320\n[c000000008265700] load_module+0x2350/0x25b0\n[c000000008265cb4] __do_sys_finit_module+0xd4/0x160\n[c000000008031110] system_call_exception+0x150/0x2d0\n[c00000000800d35c] system_call_common+0xec/0x278\n\nFix this be nulling shost-\u003eehandler when the kthread fails to spawn.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47337",
"url": "https://www.suse.com/security/cve/CVE-2021-47337"
},
{
"category": "external",
"summary": "SUSE Bug 1224926 for CVE-2021-47337",
"url": "https://bugzilla.suse.com/1224926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47337"
},
{
"cve": "CVE-2021-47343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47343"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm btree remove: assign new_root only when removal succeeds\n\nremove_raw() in dm_btree_remove() may fail due to IO read error\n(e.g. read the content of origin block fails during shadowing),\nand the value of shadow_spine::root is uninitialized, but\nthe uninitialized value is still assign to new_root in the\nend of dm_btree_remove().\n\nFor dm-thin, the value of pmd-\u003edetails_root or pmd-\u003eroot will become\nan uninitialized value, so if trying to read details_info tree again\nout-of-bound memory may occur as showed below:\n\n general protection fault, probably for non-canonical address 0x3fdcb14c8d7520\n CPU: 4 PID: 515 Comm: dmsetup Not tainted 5.13.0-rc6\n Hardware name: QEMU Standard PC\n RIP: 0010:metadata_ll_load_ie+0x14/0x30\n Call Trace:\n sm_metadata_count_is_more_than_one+0xb9/0xe0\n dm_tm_shadow_block+0x52/0x1c0\n shadow_step+0x59/0xf0\n remove_raw+0xb2/0x170\n dm_btree_remove+0xf4/0x1c0\n dm_pool_delete_thin_device+0xc3/0x140\n pool_message+0x218/0x2b0\n target_message+0x251/0x290\n ctl_ioctl+0x1c4/0x4d0\n dm_ctl_ioctl+0xe/0x20\n __x64_sys_ioctl+0x7b/0xb0\n do_syscall_64+0x40/0xb0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFixing it by only assign new_root when removal succeeds",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47343",
"url": "https://www.suse.com/security/cve/CVE-2021-47343"
},
{
"category": "external",
"summary": "SUSE Bug 1225155 for CVE-2021-47343",
"url": "https://bugzilla.suse.com/1225155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47343"
},
{
"cve": "CVE-2021-47344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47344"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: zr364xx: fix memory leak in zr364xx_start_readpipe\n\nsyzbot reported memory leak in zr364xx driver.\nThe problem was in non-freed urb in case of\nusb_submit_urb() fail.\n\nbacktrace:\n [\u003cffffffff82baedf6\u003e] kmalloc include/linux/slab.h:561 [inline]\n [\u003cffffffff82baedf6\u003e] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74\n [\u003cffffffff82f7cce8\u003e] zr364xx_start_readpipe+0x78/0x130 drivers/media/usb/zr364xx/zr364xx.c:1022\n [\u003cffffffff84251dfc\u003e] zr364xx_board_init drivers/media/usb/zr364xx/zr364xx.c:1383 [inline]\n [\u003cffffffff84251dfc\u003e] zr364xx_probe+0x6a3/0x851 drivers/media/usb/zr364xx/zr364xx.c:1516\n [\u003cffffffff82bb6507\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [\u003cffffffff826018a9\u003e] really_probe+0x159/0x500 drivers/base/dd.c:576",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47344",
"url": "https://www.suse.com/security/cve/CVE-2021-47344"
},
{
"category": "external",
"summary": "SUSE Bug 1224922 for CVE-2021-47344",
"url": "https://bugzilla.suse.com/1224922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47344"
},
{
"cve": "CVE-2021-47345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix rdma_resolve_route() memory leak\n\nFix a memory leak when \"mda_resolve_route() is called more than once on\nthe same \"rdma_cm_id\".\n\nThis is possible if cma_query_handler() triggers the\nRDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and\nallows rdma_resolve_route() to be called again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47345",
"url": "https://www.suse.com/security/cve/CVE-2021-47345"
},
{
"category": "external",
"summary": "SUSE Bug 1225157 for CVE-2021-47345",
"url": "https://bugzilla.suse.com/1225157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47345"
},
{
"cve": "CVE-2021-47347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47347"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwl1251: Fix possible buffer overflow in wl1251_cmd_scan\n\nFunction wl1251_cmd_scan calls memcpy without checking the length.\nHarden by checking the length is within the maximum allowed size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47347",
"url": "https://www.suse.com/security/cve/CVE-2021-47347"
},
{
"category": "external",
"summary": "SUSE Bug 1225177 for CVE-2021-47347",
"url": "https://bugzilla.suse.com/1225177"
},
{
"category": "external",
"summary": "SUSE Bug 1225305 for CVE-2021-47347",
"url": "https://bugzilla.suse.com/1225305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47347"
},
{
"cve": "CVE-2021-47352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: Add validation for used length\n\nThis adds validation for used length (might come\nfrom an untrusted device) to avoid data corruption\nor loss.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47352",
"url": "https://www.suse.com/security/cve/CVE-2021-47352"
},
{
"category": "external",
"summary": "SUSE Bug 1225124 for CVE-2021-47352",
"url": "https://bugzilla.suse.com/1225124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47352"
},
{
"cve": "CVE-2021-47353",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47353"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix NULL pointer dereference in udf_symlink function\n\nIn function udf_symlink, epos.bh is assigned with the value returned\nby udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c\nand returns the value of sb_getblk function that could be NULL.\nThen, epos.bh is used without any check, causing a possible\nNULL pointer dereference when sb_getblk fails.\n\nThis fix adds a check to validate the value of epos.bh.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47353",
"url": "https://www.suse.com/security/cve/CVE-2021-47353"
},
{
"category": "external",
"summary": "SUSE Bug 1225128 for CVE-2021-47353",
"url": "https://bugzilla.suse.com/1225128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47353"
},
{
"cve": "CVE-2021-47355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47355"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: nicstar: Fix possible use-after-free in nicstar_cleanup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47355",
"url": "https://www.suse.com/security/cve/CVE-2021-47355"
},
{
"category": "external",
"summary": "SUSE Bug 1225141 for CVE-2021-47355",
"url": "https://bugzilla.suse.com/1225141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47355"
},
{
"cve": "CVE-2021-47356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47356"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible use-after-free in HFC_cleanup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47356",
"url": "https://www.suse.com/security/cve/CVE-2021-47356"
},
{
"category": "external",
"summary": "SUSE Bug 1225143 for CVE-2021-47356",
"url": "https://bugzilla.suse.com/1225143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47356"
},
{
"cve": "CVE-2021-47357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47357"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: iphase: fix possible use-after-free in ia_module_exit()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47357",
"url": "https://www.suse.com/security/cve/CVE-2021-47357"
},
{
"category": "external",
"summary": "SUSE Bug 1225144 for CVE-2021-47357",
"url": "https://bugzilla.suse.com/1225144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47357"
},
{
"cve": "CVE-2021-47361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmcb: fix error handling in mcb_alloc_bus()\n\nThere are two bugs:\n1) If ida_simple_get() fails then this code calls put_device(carrier)\n but we haven\u0027t yet called get_device(carrier) and probably that\n leads to a use after free.\n2) After device_initialize() then we need to use put_device() to\n release the bus. This will free the internal resources tied to the\n device and call mcb_free_bus() which will free the rest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47361",
"url": "https://www.suse.com/security/cve/CVE-2021-47361"
},
{
"category": "external",
"summary": "SUSE Bug 1225151 for CVE-2021-47361",
"url": "https://bugzilla.suse.com/1225151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47361"
},
{
"cve": "CVE-2021-47362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Update intermediate power state for SI\n\nUpdate the current state as boot state during dpm initialization.\nDuring the subsequent initialization, set_power_state gets called to\ntransition to the final power state. set_power_state refers to values\nfrom the current state and without current state populated, it could\nresult in NULL pointer dereference.\n\nFor ex: on platforms where PCI speed change is supported through ACPI\nATCS method, the link speed of current state needs to be queried before\ndeciding on changing to final power state\u0027s link speed. The logic to query\nATCS-support was broken on certain platforms. The issue became visible\nwhen broken ATCS-support logic got fixed with commit\nf9b7f3703ff9 (\"drm/amdgpu/acpi: make ATPX/ATCS structures global (v2)\").\n\nBug: https://gitlab.freedesktop.org/drm/amd/-/issues/1698",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47362",
"url": "https://www.suse.com/security/cve/CVE-2021-47362"
},
{
"category": "external",
"summary": "SUSE Bug 1225153 for CVE-2021-47362",
"url": "https://bugzilla.suse.com/1225153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47362"
},
{
"cve": "CVE-2021-47369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47369"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: fix NULL deref in qeth_clear_working_pool_list()\n\nWhen qeth_set_online() calls qeth_clear_working_pool_list() to roll\nback after an error exit from qeth_hardsetup_card(), we are at risk of\naccessing card-\u003eqdio.in_q before it was allocated by\nqeth_alloc_qdio_queues() via qeth_mpc_initialize().\n\nqeth_clear_working_pool_list() then dereferences NULL, and by writing to\nqueue-\u003ebufs[i].pool_entry scribbles all over the CPU\u0027s lowcore.\nResulting in a crash when those lowcore areas are used next (eg. on\nthe next machine-check interrupt).\n\nSuch a scenario would typically happen when the device is first set\nonline and its queues aren\u0027t allocated yet. An early IO error or certain\nmisconfigs (eg. mismatched transport mode, bad portno) then cause us to\nerror out from qeth_hardsetup_card() with card-\u003eqdio.in_q still being\nNULL.\n\nFix it by checking the pointer for NULL before accessing it.\n\nNote that we also have (rare) paths inside qeth_mpc_initialize() where\na configuration change can cause us to free the existing queues,\nexpecting that subsequent code will allocate them again. If we then\nerror out before that re-allocation happens, the same bug occurs.\n\nRoot-caused-by: Heiko Carstens \u003chca@linux.ibm.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47369",
"url": "https://www.suse.com/security/cve/CVE-2021-47369"
},
{
"category": "external",
"summary": "SUSE Bug 1225164 for CVE-2021-47369",
"url": "https://bugzilla.suse.com/1225164"
},
{
"category": "external",
"summary": "SUSE Bug 1227324 for CVE-2021-47369",
"url": "https://bugzilla.suse.com/1227324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47369"
},
{
"cve": "CVE-2021-47375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47375"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblktrace: Fix uaf in blk_trace access after removing by sysfs\n\nThere is an use-after-free problem triggered by following process:\n\n P1(sda)\t\t\t\tP2(sdb)\n\t\t\techo 0 \u003e /sys/block/sdb/trace/enable\n\t\t\t blk_trace_remove_queue\n\t\t\t synchronize_rcu\n\t\t\t blk_trace_free\n\t\t\t relay_close\nrcu_read_lock\n__blk_add_trace\n trace_note_tsk\n (Iterate running_trace_list)\n\t\t\t relay_close_buf\n\t\t\t\t relay_destroy_buf\n\t\t\t\t kfree(buf)\n trace_note(sdb\u0027s bt)\n relay_reserve\n buf-\u003eoffset \u003c- nullptr deference (use-after-free) !!!\nrcu_read_unlock\n\n[ 502.714379] BUG: kernel NULL pointer dereference, address:\n0000000000000010\n[ 502.715260] #PF: supervisor read access in kernel mode\n[ 502.715903] #PF: error_code(0x0000) - not-present page\n[ 502.716546] PGD 103984067 P4D 103984067 PUD 17592b067 PMD 0\n[ 502.717252] Oops: 0000 [#1] SMP\n[ 502.720308] RIP: 0010:trace_note.isra.0+0x86/0x360\n[ 502.732872] Call Trace:\n[ 502.733193] __blk_add_trace.cold+0x137/0x1a3\n[ 502.733734] blk_add_trace_rq+0x7b/0xd0\n[ 502.734207] blk_add_trace_rq_issue+0x54/0xa0\n[ 502.734755] blk_mq_start_request+0xde/0x1b0\n[ 502.735287] scsi_queue_rq+0x528/0x1140\n...\n[ 502.742704] sg_new_write.isra.0+0x16e/0x3e0\n[ 502.747501] sg_ioctl+0x466/0x1100\n\nReproduce method:\n ioctl(/dev/sda, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sda, BLKTRACESTART)\n ioctl(/dev/sdb, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sdb, BLKTRACESTART)\n\n echo 0 \u003e /sys/block/sdb/trace/enable \u0026\n // Add delay(mdelay/msleep) before kernel enters blk_trace_free()\n\n ioctl$SG_IO(/dev/sda, SG_IO, ...)\n // Enters trace_note_tsk() after blk_trace_free() returned\n // Use mdelay in rcu region rather than msleep(which may schedule out)\n\nRemove blk_trace from running_list before calling blk_trace_free() by\nsysfs if blk_trace is at Blktrace_running state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47375",
"url": "https://www.suse.com/security/cve/CVE-2021-47375"
},
{
"category": "external",
"summary": "SUSE Bug 1225193 for CVE-2021-47375",
"url": "https://bugzilla.suse.com/1225193"
},
{
"category": "external",
"summary": "SUSE Bug 1225194 for CVE-2021-47375",
"url": "https://bugzilla.suse.com/1225194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47375"
},
{
"cve": "CVE-2021-47378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: destroy cm id before destroy qp to avoid use after free\n\nWe should always destroy cm_id before destroy qp to avoid to get cma\nevent after qp was destroyed, which may lead to use after free.\nIn RDMA connection establishment error flow, don\u0027t destroy qp in cm\nevent handler.Just report cm_error to upper level, qp will be destroy\nin nvme_rdma_alloc_queue() after destroy cm id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47378",
"url": "https://www.suse.com/security/cve/CVE-2021-47378"
},
{
"category": "external",
"summary": "SUSE Bug 1225201 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "external",
"summary": "SUSE Bug 1225202 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47378"
},
{
"cve": "CVE-2021-47382",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47382"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: fix deadlock during failing recovery\n\nCommit 0b9902c1fcc5 (\"s390/qeth: fix deadlock during recovery\") removed\ntaking discipline_mutex inside qeth_do_reset(), fixing potential\ndeadlocks. An error path was missed though, that still takes\ndiscipline_mutex and thus has the original deadlock potential.\n\nIntermittent deadlocks were seen when a qeth channel path is configured\noffline, causing a race between qeth_do_reset and ccwgroup_remove.\nCall qeth_set_offline() directly in the qeth_do_reset() error case and\nthen a new variant of ccwgroup_set_offline(), without taking\ndiscipline_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47382",
"url": "https://www.suse.com/security/cve/CVE-2021-47382"
},
{
"category": "external",
"summary": "SUSE Bug 1225207 for CVE-2021-47382",
"url": "https://bugzilla.suse.com/1225207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47382"
},
{
"cve": "CVE-2021-47383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn\u0027t call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display-\u003evrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47383",
"url": "https://www.suse.com/security/cve/CVE-2021-47383"
},
{
"category": "external",
"summary": "SUSE Bug 1225208 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "external",
"summary": "SUSE Bug 1225211 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47383"
},
{
"cve": "CVE-2021-47391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests\n\nThe FSM can run in a circle allowing rdma_resolve_ip() to be called twice\non the same id_priv. While this cannot happen without going through the\nwork, it violates the invariant that the same address resolution\nbackground request cannot be active twice.\n\n CPU 1 CPU 2\n\nrdma_resolve_addr():\n RDMA_CM_IDLE -\u003e RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler) #1\n\n\t\t\t process_one_req(): for #1\n addr_handler():\n RDMA_CM_ADDR_QUERY -\u003e RDMA_CM_ADDR_BOUND\n mutex_unlock(\u0026id_priv-\u003ehandler_mutex);\n [.. handler still running ..]\n\nrdma_resolve_addr():\n RDMA_CM_ADDR_BOUND -\u003e RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler)\n !! two requests are now on the req_list\n\nrdma_destroy_id():\n destroy_id_handler_unlock():\n _destroy_id():\n cma_cancel_operation():\n rdma_addr_cancel()\n\n // process_one_req() self removes it\n\t\t spin_lock_bh(\u0026lock);\n cancel_delayed_work(\u0026req-\u003ework);\n\t if (!list_empty(\u0026req-\u003elist)) == true\n\n ! rdma_addr_cancel() returns after process_on_req #1 is done\n\n kfree(id_priv)\n\n\t\t\t process_one_req(): for #2\n addr_handler():\n\t mutex_lock(\u0026id_priv-\u003ehandler_mutex);\n !! Use after free on id_priv\n\nrdma_addr_cancel() expects there to be one req on the list and only\ncancels the first one. The self-removal behavior of the work only happens\nafter the handler has returned. This yields a situations where the\nreq_list can have two reqs for the same \"handle\" but rdma_addr_cancel()\nonly cancels the first one.\n\nThe second req remains active beyond rdma_destroy_id() and will\nuse-after-free id_priv once it inevitably triggers.\n\nFix this by remembering if the id_priv has called rdma_resolve_ip() and\nalways cancel before calling it again. This ensures the req_list never\ngets more than one item in it and doesn\u0027t cost anything in the normal flow\nthat never uses this strange error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47391",
"url": "https://www.suse.com/security/cve/CVE-2021-47391"
},
{
"category": "external",
"summary": "SUSE Bug 1225318 for CVE-2021-47391",
"url": "https://bugzilla.suse.com/1225318"
},
{
"category": "external",
"summary": "SUSE Bug 1225319 for CVE-2021-47391",
"url": "https://bugzilla.suse.com/1225319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47391"
},
{
"cve": "CVE-2021-47397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb\n\nWe should always check if skb_header_pointer\u0027s return is NULL before\nusing it, otherwise it may cause null-ptr-deref, as syzbot reported:\n\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:sctp_rcv_ootb net/sctp/input.c:705 [inline]\n RIP: 0010:sctp_rcv+0x1d84/0x3220 net/sctp/input.c:196\n Call Trace:\n \u003cIRQ\u003e\n sctp6_rcv+0x38/0x60 net/sctp/ipv6.c:1109\n ip6_protocol_deliver_rcu+0x2e9/0x1ca0 net/ipv6/ip6_input.c:422\n ip6_input_finish+0x62/0x170 net/ipv6/ip6_input.c:463\n NF_HOOK include/linux/netfilter.h:307 [inline]\n NF_HOOK include/linux/netfilter.h:301 [inline]\n ip6_input+0x9c/0xd0 net/ipv6/ip6_input.c:472\n dst_input include/net/dst.h:460 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline]\n NF_HOOK include/linux/netfilter.h:307 [inline]\n NF_HOOK include/linux/netfilter.h:301 [inline]\n ipv6_rcv+0x28c/0x3c0 net/ipv6/ip6_input.c:297",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47397",
"url": "https://www.suse.com/security/cve/CVE-2021-47397"
},
{
"category": "external",
"summary": "SUSE Bug 1225082 for CVE-2021-47397",
"url": "https://bugzilla.suse.com/1225082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47397"
},
{
"cve": "CVE-2021-47400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47400"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: do not allow call hns3_nic_net_open repeatedly\n\nhns3_nic_net_open() is not allowed to called repeatly, but there\nis no checking for this. When doing device reset and setup tc\nconcurrently, there is a small oppotunity to call hns3_nic_net_open\nrepeatedly, and cause kernel bug by calling napi_enable twice.\n\nThe calltrace information is like below:\n[ 3078.222780] ------------[ cut here ]------------\n[ 3078.230255] kernel BUG at net/core/dev.c:6991!\n[ 3078.236224] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[ 3078.243431] Modules linked in: hns3 hclgevf hclge hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)\n[ 3078.258880] CPU: 0 PID: 295 Comm: kworker/u8:5 Tainted: G O 5.14.0-rc4+ #1\n[ 3078.269102] Hardware name: , BIOS KpxxxFPGA 1P B600 V181 08/12/2021\n[ 3078.276801] Workqueue: hclge hclge_service_task [hclge]\n[ 3078.288774] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[ 3078.296168] pc : napi_enable+0x80/0x84\ntc qdisc sho[w 3d0e7v8 .e3t0h218 79] lr : hns3_nic_net_open+0x138/0x510 [hns3]\n\n[ 3078.314771] sp : ffff8000108abb20\n[ 3078.319099] x29: ffff8000108abb20 x28: 0000000000000000 x27: ffff0820a8490300\n[ 3078.329121] x26: 0000000000000001 x25: ffff08209cfc6200 x24: 0000000000000000\n[ 3078.339044] x23: ffff0820a8490300 x22: ffff08209cd76000 x21: ffff0820abfe3880\n[ 3078.349018] x20: 0000000000000000 x19: ffff08209cd76900 x18: 0000000000000000\n[ 3078.358620] x17: 0000000000000000 x16: ffffc816e1727a50 x15: 0000ffff8f4ff930\n[ 3078.368895] x14: 0000000000000000 x13: 0000000000000000 x12: 0000259e9dbeb6b4\n[ 3078.377987] x11: 0096a8f7e764eb40 x10: 634615ad28d3eab5 x9 : ffffc816ad8885b8\n[ 3078.387091] x8 : ffff08209cfc6fb8 x7 : ffff0820ac0da058 x6 : ffff0820a8490344\n[ 3078.396356] x5 : 0000000000000140 x4 : 0000000000000003 x3 : ffff08209cd76938\n[ 3078.405365] x2 : 0000000000000000 x1 : 0000000000000010 x0 : ffff0820abfe38a0\n[ 3078.414657] Call trace:\n[ 3078.418517] napi_enable+0x80/0x84\n[ 3078.424626] hns3_reset_notify_up_enet+0x78/0xd0 [hns3]\n[ 3078.433469] hns3_reset_notify+0x64/0x80 [hns3]\n[ 3078.441430] hclge_notify_client+0x68/0xb0 [hclge]\n[ 3078.450511] hclge_reset_rebuild+0x524/0x884 [hclge]\n[ 3078.458879] hclge_reset_service_task+0x3c4/0x680 [hclge]\n[ 3078.467470] hclge_service_task+0xb0/0xb54 [hclge]\n[ 3078.475675] process_one_work+0x1dc/0x48c\n[ 3078.481888] worker_thread+0x15c/0x464\n[ 3078.487104] kthread+0x160/0x170\n[ 3078.492479] ret_from_fork+0x10/0x18\n[ 3078.498785] Code: c8027c81 35ffffa2 d50323bf d65f03c0 (d4210000)\n[ 3078.506889] ---[ end trace 8ebe0340a1b0fb44 ]---\n\nOnce hns3_nic_net_open() is excute success, the flag\nHNS3_NIC_STATE_DOWN will be cleared. So add checking for this\nflag, directly return when HNS3_NIC_STATE_DOWN is no set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47400",
"url": "https://www.suse.com/security/cve/CVE-2021-47400"
},
{
"category": "external",
"summary": "SUSE Bug 1225329 for CVE-2021-47400",
"url": "https://bugzilla.suse.com/1225329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47400"
},
{
"cve": "CVE-2021-47401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipack: ipoctal: fix stack information leak\n\nThe tty driver name is used also after registering the driver and must\nspecifically not be allocated on the stack to avoid leaking information\nto user space (or triggering an oops).\n\nDrivers should not try to encode topology information in the tty device\nname but this one snuck in through staging without anyone noticing and\nanother driver has since copied this malpractice.\n\nFixing the ABI is a separate issue, but this at least plugs the security\nhole.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47401",
"url": "https://www.suse.com/security/cve/CVE-2021-47401"
},
{
"category": "external",
"summary": "SUSE Bug 1225242 for CVE-2021-47401",
"url": "https://bugzilla.suse.com/1225242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47401"
},
{
"cve": "CVE-2021-47404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: fix slab-out-of-bounds Write in betop_probe\n\nSyzbot reported slab-out-of-bounds Write bug in hid-betopff driver.\nThe problem is the driver assumes the device must have an input report but\nsome malicious devices violate this assumption.\n\nSo this patch checks hid_device\u0027s input is non empty before it\u0027s been used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47404",
"url": "https://www.suse.com/security/cve/CVE-2021-47404"
},
{
"category": "external",
"summary": "SUSE Bug 1225303 for CVE-2021-47404",
"url": "https://bugzilla.suse.com/1225303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47404"
},
{
"cve": "CVE-2021-47409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47409"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47409",
"url": "https://www.suse.com/security/cve/CVE-2021-47409"
},
{
"category": "external",
"summary": "SUSE Bug 1225330 for CVE-2021-47409",
"url": "https://bugzilla.suse.com/1225330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47409"
},
{
"cve": "CVE-2021-47416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: mdio: fix memory leak\n\nSyzbot reported memory leak in MDIO bus interface, the problem was in\nwrong state logic.\n\nMDIOBUS_ALLOCATED indicates 2 states:\n\t1. Bus is only allocated\n\t2. Bus allocated and __mdiobus_register() fails, but\n\t device_register() was called\n\nIn case of device_register() has been called we should call put_device()\nto correctly free the memory allocated for this device, but mdiobus_free()\ncalls just kfree(dev) in case of MDIOBUS_ALLOCATED state\n\nTo avoid this behaviour we need to set bus-\u003estate to MDIOBUS_UNREGISTERED\n_before_ calling device_register(), because put_device() should be\ncalled even in case of device_register() failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47416",
"url": "https://www.suse.com/security/cve/CVE-2021-47416"
},
{
"category": "external",
"summary": "SUSE Bug 1225189 for CVE-2021-47416",
"url": "https://bugzilla.suse.com/1225189"
},
{
"category": "external",
"summary": "SUSE Bug 1225336 for CVE-2021-47416",
"url": "https://bugzilla.suse.com/1225336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47416"
},
{
"cve": "CVE-2021-47423",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47423"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/debugfs: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47423",
"url": "https://www.suse.com/security/cve/CVE-2021-47423"
},
{
"category": "external",
"summary": "SUSE Bug 1225366 for CVE-2021-47423",
"url": "https://bugzilla.suse.com/1225366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47423"
},
{
"cve": "CVE-2021-47424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47424"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n Trying to free already-free IRQ 266\n WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__free_irq+0x9a/0x300\n Call Trace:\n ? synchronize_irq+0x3a/0xa0\n free_irq+0x2e/0x60\n i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n i40e_probe.part.108+0x134b/0x1a40 [i40e]\n ? kmem_cache_alloc+0x158/0x1c0\n ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n ? acpi_ut_update_object_reference+0x15e/0x1e2\n ? strstr+0x21/0x70\n ? irq_get_irq_data+0xa/0x20\n ? mp_check_pin_attr+0x13/0xc0\n ? irq_get_irq_data+0xa/0x20\n ? mp_map_pin_to_irq+0xd3/0x2f0\n ? acpi_register_gsi_ioapic+0x93/0x170\n ? pci_conf1_read+0xa4/0x100\n ? pci_bus_read_config_word+0x49/0x70\n ? do_pci_enable_device+0xcc/0x100\n local_pci_probe+0x41/0x90\n work_for_cpu_fn+0x16/0x20\n process_one_work+0x1a7/0x360\n worker_thread+0x1cf/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x112/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47424",
"url": "https://www.suse.com/security/cve/CVE-2021-47424"
},
{
"category": "external",
"summary": "SUSE Bug 1225367 for CVE-2021-47424",
"url": "https://bugzilla.suse.com/1225367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47424"
},
{
"cve": "CVE-2021-47431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix gart.bo pin_count leak\n\ngmc_v{9,10}_0_gart_disable() isn\u0027t called matched with\ncorrespoding gart_enbale function in SRIOV case. This will\nlead to gart.bo pin_count leak on driver unload.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47431",
"url": "https://www.suse.com/security/cve/CVE-2021-47431"
},
{
"category": "external",
"summary": "SUSE Bug 1225390 for CVE-2021-47431",
"url": "https://bugzilla.suse.com/1225390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47431"
},
{
"cve": "CVE-2021-47435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1 task2\ndo_resume\n -\u003edo_suspend\n -\u003edm_wait_for_completion\n bio_endio\n\t\t\t\t -\u003eclone_endio\n\t\t\t\t -\u003edm_io_dec_pending\n\t\t\t\t -\u003eend_io_acct\n\t\t\t\t -\u003ewakeup task1\n -\u003edm_swap_table\n -\u003e__bind\n -\u003e__bind_mempools\n -\u003ebioset_exit\n -\u003emempool_exit\n -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47435",
"url": "https://www.suse.com/security/cve/CVE-2021-47435"
},
{
"category": "external",
"summary": "SUSE Bug 1225247 for CVE-2021-47435",
"url": "https://bugzilla.suse.com/1225247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47435"
},
{
"cve": "CVE-2021-47436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: dsps: Fix the probe error path\n\nCommit 7c75bde329d7 (\"usb: musb: musb_dsps: request_irq() after\ninitializing musb\") has inverted the calls to\ndsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without\nupdating correctly the error path. dsps_create_musb_pdev() allocates and\nregisters a new platform device which must be unregistered and freed\nwith platform_device_unregister(), and this is missing upon\ndsps_setup_optional_vbus_irq() error.\n\nWhile on the master branch it seems not to trigger any issue, I observed\na kernel crash because of a NULL pointer dereference with a v5.10.70\nstable kernel where the patch mentioned above was backported. With this\nkernel version, -EPROBE_DEFER is returned the first time\ndsps_setup_optional_vbus_irq() is called which triggers the probe to\nerror out without unregistering the platform device. Unfortunately, on\nthe Beagle Bone Black Wireless, the platform device still living in the\nsystem is being used by the USB Ethernet gadget driver, which during the\nboot phase triggers the crash.\n\nMy limited knowledge of the musb world prevents me to revert this commit\nwhich was sent to silence a robot warning which, as far as I understand,\ndoes not make sense. The goal of this patch was to prevent an IRQ to\nfire before the platform device being registered. I think this cannot\never happen due to the fact that enabling the interrupts is done by the\n-\u003eenable() callback of the platform musb device, and this platform\ndevice must be already registered in order for the core or any other\nuser to use this callback.\n\nHence, I decided to fix the error path, which might prevent future\nerrors on mainline kernels while also fixing older ones.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47436",
"url": "https://www.suse.com/security/cve/CVE-2021-47436"
},
{
"category": "external",
"summary": "SUSE Bug 1225244 for CVE-2021-47436",
"url": "https://bugzilla.suse.com/1225244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47436"
},
{
"cve": "CVE-2021-47456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_pci: peak_pci_remove(): fix UAF\n\nWhen remove the module peek_pci, referencing \u0027chan\u0027 again after\nreleasing \u0027dev\u0027 will cause UAF.\n\nFix this by releasing \u0027dev\u0027 later.\n\nThe following log reveals it:\n\n[ 35.961814 ] BUG: KASAN: use-after-free in peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.963414 ] Read of size 8 at addr ffff888136998ee8 by task modprobe/5537\n[ 35.965513 ] Call Trace:\n[ 35.965718 ] dump_stack_lvl+0xa8/0xd1\n[ 35.966028 ] print_address_description+0x87/0x3b0\n[ 35.966420 ] kasan_report+0x172/0x1c0\n[ 35.966725 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967137 ] ? trace_irq_enable_rcuidle+0x10/0x170\n[ 35.967529 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967945 ] __asan_report_load8_noabort+0x14/0x20\n[ 35.968346 ] peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.968752 ] pci_device_remove+0xa9/0x250",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47456",
"url": "https://www.suse.com/security/cve/CVE-2021-47456"
},
{
"category": "external",
"summary": "SUSE Bug 1225256 for CVE-2021-47456",
"url": "https://bugzilla.suse.com/1225256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47456"
},
{
"cve": "CVE-2021-47458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: mount fails with buffer overflow in strlen\n\nStarting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an\nocfs2 filesystem with either o2cb or pcmk cluster stack fails with the\ntrace below. Problem seems to be that strings for cluster stack and\ncluster name are not guaranteed to be null terminated in the disk\nrepresentation, while strlcpy assumes that the source string is always\nnull terminated. This causes a read outside of the source string\ntriggering the buffer overflow detection.\n\n detected buffer overflow in strlen\n ------------[ cut here ]------------\n kernel BUG at lib/string.c:1149!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 1 PID: 910 Comm: mount.ocfs2 Not tainted 5.14.0-1-amd64 #1\n Debian 5.14.6-2\n RIP: 0010:fortify_panic+0xf/0x11\n ...\n Call Trace:\n ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]\n ocfs2_fill_super+0x359/0x19b0 [ocfs2]\n mount_bdev+0x185/0x1b0\n legacy_get_tree+0x27/0x40\n vfs_get_tree+0x25/0xb0\n path_mount+0x454/0xa20\n __x64_sys_mount+0x103/0x140\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47458",
"url": "https://www.suse.com/security/cve/CVE-2021-47458"
},
{
"category": "external",
"summary": "SUSE Bug 1225252 for CVE-2021-47458",
"url": "https://bugzilla.suse.com/1225252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47458"
},
{
"cve": "CVE-2021-47460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47460"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption after conversion from inline format\n\nCommit 6dbf7bb55598 (\"fs: Don\u0027t invalidate page buffers in\nblock_write_full_page()\") uncovered a latent bug in ocfs2 conversion\nfrom inline inode format to a normal inode format.\n\nThe code in ocfs2_convert_inline_data_to_extents() attempts to zero out\nthe whole cluster allocated for file data by grabbing, zeroing, and\ndirtying all pages covering this cluster. However these pages are\nbeyond i_size, thus writeback code generally ignores these dirty pages\nand no blocks were ever actually zeroed on the disk.\n\nThis oversight was fixed by commit 693c241a5f6a (\"ocfs2: No need to zero\npages past i_size.\") for standard ocfs2 write path, inline conversion\npath was apparently forgotten; the commit log also has a reasoning why\nthe zeroing actually is not needed.\n\nAfter commit 6dbf7bb55598, things became worse as writeback code stopped\ninvalidating buffers on pages beyond i_size and thus these pages end up\nwith clean PageDirty bit but with buffers attached to these pages being\nstill dirty. So when a file is converted from inline format, then\nwriteback triggers, and then the file is grown so that these pages\nbecome valid, the invalid dirtiness state is preserved,\nmark_buffer_dirty() does nothing on these pages (buffers are already\ndirty) but page is never written back because it is clean. So data\nwritten to these pages is lost once pages are reclaimed.\n\nSimple reproducer for the problem is:\n\n xfs_io -f -c \"pwrite 0 2000\" -c \"pwrite 2000 2000\" -c \"fsync\" \\\n -c \"pwrite 4000 2000\" ocfs2_file\n\nAfter unmounting and mounting the fs again, you can observe that end of\n\u0027ocfs2_file\u0027 has lost its contents.\n\nFix the problem by not doing the pointless zeroing during conversion\nfrom inline format similarly as in the standard write path.\n\n[akpm@linux-foundation.org: fix whitespace, per Joseph]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47460",
"url": "https://www.suse.com/security/cve/CVE-2021-47460"
},
{
"category": "external",
"summary": "SUSE Bug 1225251 for CVE-2021-47460",
"url": "https://bugzilla.suse.com/1225251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47460"
},
{
"cve": "CVE-2021-47469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47469"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47469",
"url": "https://www.suse.com/security/cve/CVE-2021-47469"
},
{
"category": "external",
"summary": "SUSE Bug 1225347 for CVE-2021-47469",
"url": "https://bugzilla.suse.com/1225347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47469"
},
{
"cve": "CVE-2021-47472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47472"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47472",
"url": "https://www.suse.com/security/cve/CVE-2021-47472"
},
{
"category": "external",
"summary": "SUSE Bug 1225189 for CVE-2021-47472",
"url": "https://bugzilla.suse.com/1225189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47472"
},
{
"cve": "CVE-2021-47473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()\n\nCommit 8c0eb596baa5 (\"[SCSI] qla2xxx: Fix a memory leak in an error path of\nqla2x00_process_els()\"), intended to change:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_HST_ELS_NOLOGIN\n\n\n bsg_job-\u003erequest-\u003emsgcode != FC_BSG_RPT_ELS\n\nbut changed it to:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_RPT_ELS\n\ninstead.\n\nChange the == to a != to avoid leaking the fcport structure or freeing\nunallocated memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47473",
"url": "https://www.suse.com/security/cve/CVE-2021-47473"
},
{
"category": "external",
"summary": "SUSE Bug 1225192 for CVE-2021-47473",
"url": "https://bugzilla.suse.com/1225192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2021-47473"
},
{
"cve": "CVE-2021-47478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Fix out of bound access for corrupted isofs image\n\nWhen isofs image is suitably corrupted isofs_read_inode() can read data\nbeyond the end of buffer. Sanity-check the directory entry length before\nusing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47478",
"url": "https://www.suse.com/security/cve/CVE-2021-47478"
},
{
"category": "external",
"summary": "SUSE Bug 1225198 for CVE-2021-47478",
"url": "https://bugzilla.suse.com/1225198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47478"
},
{
"cve": "CVE-2021-47480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Put LLD module refcnt after SCSI device is released\n\nSCSI host release is triggered when SCSI device is freed. We have to make\nsure that the low-level device driver module won\u0027t be unloaded before SCSI\nhost instance is released because shost-\u003ehostt is required in the release\nhandler.\n\nMake sure to put LLD module refcnt after SCSI device is released.\n\nFixes a kernel panic of \u0027BUG: unable to handle page fault for address\u0027\nreported by Changhui and Yi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47480",
"url": "https://www.suse.com/security/cve/CVE-2021-47480"
},
{
"category": "external",
"summary": "SUSE Bug 1225322 for CVE-2021-47480",
"url": "https://bugzilla.suse.com/1225322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47480"
},
{
"cve": "CVE-2021-47483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: Fix possible double-free in regcache_rbtree_exit()\n\nIn regcache_rbtree_insert_to_block(), when \u0027present\u0027 realloc failed,\nthe \u0027blk\u0027 which is supposed to assign to \u0027rbnode-\u003eblock\u0027 will be freed,\nso \u0027rbnode-\u003eblock\u0027 points a freed memory, in the error handling path of\nregcache_rbtree_init(), \u0027rbnode-\u003eblock\u0027 will be freed again in\nregcache_rbtree_exit(), KASAN will report double-free as follows:\n\nBUG: KASAN: double-free or invalid-free in kfree+0xce/0x390\nCall Trace:\n slab_free_freelist_hook+0x10d/0x240\n kfree+0xce/0x390\n regcache_rbtree_exit+0x15d/0x1a0\n regcache_rbtree_init+0x224/0x2c0\n regcache_init+0x88d/0x1310\n __regmap_init+0x3151/0x4a80\n __devm_regmap_init+0x7d/0x100\n madera_spi_probe+0x10f/0x333 [madera_spi]\n spi_probe+0x183/0x210\n really_probe+0x285/0xc30\n\nTo fix this, moving up the assignment of rbnode-\u003eblock to immediately after\nthe reallocation has succeeded so that the data structure stays valid even\nif the second reallocation fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47483",
"url": "https://www.suse.com/security/cve/CVE-2021-47483"
},
{
"category": "external",
"summary": "SUSE Bug 1224907 for CVE-2021-47483",
"url": "https://bugzilla.suse.com/1224907"
},
{
"category": "external",
"summary": "SUSE Bug 1224908 for CVE-2021-47483",
"url": "https://bugzilla.suse.com/1224908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47483"
},
{
"cve": "CVE-2021-47485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47485"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields\n\nOverflowing either addrlimit or bytes_togo can allow userspace to trigger\na buffer overflow of kernel memory. Check for overflows in all the places\ndoing math on user controlled buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47485",
"url": "https://www.suse.com/security/cve/CVE-2021-47485"
},
{
"category": "external",
"summary": "SUSE Bug 1224904 for CVE-2021-47485",
"url": "https://bugzilla.suse.com/1224904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47485"
},
{
"cve": "CVE-2021-47495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: sanity check for maxpacket\n\nmaxpacket of 0 makes no sense and oopses as we need to divide\nby it. Give up.\n\nV2: fixed typo in log and stylistic issues",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47495",
"url": "https://www.suse.com/security/cve/CVE-2021-47495"
},
{
"category": "external",
"summary": "SUSE Bug 1225351 for CVE-2021-47495",
"url": "https://bugzilla.suse.com/1225351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47495"
},
{
"cve": "CVE-2021-47496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix flipped sign in tls_err_abort() calls\n\nsk-\u003esk_err appears to expect a positive value, a convention that ktls\ndoesn\u0027t always follow and that leads to memory corruption in other code.\nFor instance,\n\n [kworker]\n tls_encrypt_done(..., err=\u003cnegative error from crypto request\u003e)\n tls_err_abort(.., err)\n sk-\u003esk_err = err;\n\n [task]\n splice_from_pipe_feed\n ...\n tls_sw_do_sendpage\n if (sk-\u003esk_err) {\n ret = -sk-\u003esk_err; // ret is positive\n\n splice_from_pipe_feed (continued)\n ret = actor(...) // ret is still positive and interpreted as bytes\n // written, resulting in underflow of buf-\u003elen and\n // sd-\u003elen, leading to huge buf-\u003eoffset and bogus\n // addresses computed in later calls to actor()\n\nFix all tls_err_abort() callers to pass a negative error code\nconsistently and centralize the error-prone sign flip there, throwing in\na warning to catch future misuse and uninlining the function so it\nreally does only warn once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47496",
"url": "https://www.suse.com/security/cve/CVE-2021-47496"
},
{
"category": "external",
"summary": "SUSE Bug 1225354 for CVE-2021-47496",
"url": "https://bugzilla.suse.com/1225354"
},
{
"category": "external",
"summary": "SUSE Bug 1227656 for CVE-2021-47496",
"url": "https://bugzilla.suse.com/1227656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47496"
},
{
"cve": "CVE-2021-47497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47497"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: Fix shift-out-of-bound (UBSAN) with byte size cells\n\nIf a cell has \u0027nbits\u0027 equal to a multiple of BITS_PER_BYTE the logic\n\n *p \u0026= GENMASK((cell-\u003enbits%BITS_PER_BYTE) - 1, 0);\n\nwill become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we\nsubtract one from that making a large number that is then shifted more than the\nnumber of bits that fit into an unsigned long.\n\nUBSAN reports this problem:\n\n UBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8\n shift exponent 64 is too large for 64-bit type \u0027unsigned long\u0027\n CPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9\n Hardware name: Google Lazor (rev3+) with KB Backlight (DT)\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n dump_backtrace+0x0/0x170\n show_stack+0x24/0x30\n dump_stack_lvl+0x64/0x7c\n dump_stack+0x18/0x38\n ubsan_epilogue+0x10/0x54\n __ubsan_handle_shift_out_of_bounds+0x180/0x194\n __nvmem_cell_read+0x1ec/0x21c\n nvmem_cell_read+0x58/0x94\n nvmem_cell_read_variable_common+0x4c/0xb0\n nvmem_cell_read_variable_le_u32+0x40/0x100\n a6xx_gpu_init+0x170/0x2f4\n adreno_bind+0x174/0x284\n component_bind_all+0xf0/0x264\n msm_drm_bind+0x1d8/0x7a0\n try_to_bring_up_master+0x164/0x1ac\n __component_add+0xbc/0x13c\n component_add+0x20/0x2c\n dp_display_probe+0x340/0x384\n platform_probe+0xc0/0x100\n really_probe+0x110/0x304\n __driver_probe_device+0xb8/0x120\n driver_probe_device+0x4c/0xfc\n __device_attach_driver+0xb0/0x128\n bus_for_each_drv+0x90/0xdc\n __device_attach+0xc8/0x174\n device_initial_probe+0x20/0x2c\n bus_probe_device+0x40/0xa4\n deferred_probe_work_func+0x7c/0xb8\n process_one_work+0x128/0x21c\n process_scheduled_works+0x40/0x54\n worker_thread+0x1ec/0x2a8\n kthread+0x138/0x158\n ret_from_fork+0x10/0x20\n\nFix it by making sure there are any bits to mask out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47497",
"url": "https://www.suse.com/security/cve/CVE-2021-47497"
},
{
"category": "external",
"summary": "SUSE Bug 1225355 for CVE-2021-47497",
"url": "https://bugzilla.suse.com/1225355"
},
{
"category": "external",
"summary": "SUSE Bug 1227655 for CVE-2021-47497",
"url": "https://bugzilla.suse.com/1227655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47497"
},
{
"cve": "CVE-2021-47500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47500",
"url": "https://www.suse.com/security/cve/CVE-2021-47500"
},
{
"category": "external",
"summary": "SUSE Bug 1225360 for CVE-2021-47500",
"url": "https://bugzilla.suse.com/1225360"
},
{
"category": "external",
"summary": "SUSE Bug 1227698 for CVE-2021-47500",
"url": "https://bugzilla.suse.com/1227698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47500"
},
{
"cve": "CVE-2021-47506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix use-after-free due to delegation race\n\nA delegation break could arrive as soon as we\u0027ve called vfs_setlease. A\ndelegation break runs a callback which immediately (in\nnfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we\nthen exit nfs4_set_delegation without hashing the delegation, it will be\nfreed as soon as the callback is done with it, without ever being\nremoved from del_recall_lru.\n\nSymptoms show up later as use-after-free or list corruption warnings,\nusually in the laundromat thread.\n\nI suspect aba2072f4523 \"nfsd: grant read delegations to clients holding\nwrites\" made this bug easier to hit, but I looked as far back as v3.0\nand it looks to me it already had the same problem. So I\u0027m not sure\nwhere the bug was introduced; it may have been there from the beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47506",
"url": "https://www.suse.com/security/cve/CVE-2021-47506"
},
{
"category": "external",
"summary": "SUSE Bug 1225404 for CVE-2021-47506",
"url": "https://bugzilla.suse.com/1225404"
},
{
"category": "external",
"summary": "SUSE Bug 1227497 for CVE-2021-47506",
"url": "https://bugzilla.suse.com/1227497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47506"
},
{
"cve": "CVE-2021-47509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Limit the period size to 16MB\n\nSet the practical limit to the period size (the fragment shift in OSS)\ninstead of a full 31bit; a too large value could lead to the exhaust\nof memory as we allocate temporary buffers of the period size, too.\n\nAs of this patch, we set to 16MB limit, which should cover all use\ncases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47509",
"url": "https://www.suse.com/security/cve/CVE-2021-47509"
},
{
"category": "external",
"summary": "SUSE Bug 1225409 for CVE-2021-47509",
"url": "https://bugzilla.suse.com/1225409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47509"
},
{
"cve": "CVE-2021-47511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix negative period/buffer sizes\n\nThe period size calculation in OSS layer may receive a negative value\nas an error, but the code there assumes only the positive values and\nhandle them with size_t. Due to that, a too big value may be passed\nto the lower layers.\n\nThis patch changes the code to handle with ssize_t and adds the proper\nerror checks appropriately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47511",
"url": "https://www.suse.com/security/cve/CVE-2021-47511"
},
{
"category": "external",
"summary": "SUSE Bug 1225411 for CVE-2021-47511",
"url": "https://bugzilla.suse.com/1225411"
},
{
"category": "external",
"summary": "SUSE Bug 1227700 for CVE-2021-47511",
"url": "https://bugzilla.suse.com/1227700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47511"
},
{
"cve": "CVE-2021-47523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47523"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr\n\nThis buffer is currently allocated in hfi1_init():\n\n\tif (reinit)\n\t\tret = init_after_reset(dd);\n\telse\n\t\tret = loadtime_init(dd);\n\tif (ret)\n\t\tgoto done;\n\n\t/* allocate dummy tail memory for all receive contexts */\n\tdd-\u003ercvhdrtail_dummy_kvaddr = dma_alloc_coherent(\u0026dd-\u003epcidev-\u003edev,\n\t\t\t\t\t\t\t sizeof(u64),\n\t\t\t\t\t\t\t \u0026dd-\u003ercvhdrtail_dummy_dma,\n\t\t\t\t\t\t\t GFP_KERNEL);\n\n\tif (!dd-\u003ercvhdrtail_dummy_kvaddr) {\n\t\tdd_dev_err(dd, \"cannot allocate dummy tail memory\\n\");\n\t\tret = -ENOMEM;\n\t\tgoto done;\n\t}\n\nThe reinit triggered path will overwrite the old allocation and leak it.\n\nFix by moving the allocation to hfi1_alloc_devdata() and the deallocation\nto hfi1_free_devdata().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47523",
"url": "https://www.suse.com/security/cve/CVE-2021-47523"
},
{
"category": "external",
"summary": "SUSE Bug 1225438 for CVE-2021-47523",
"url": "https://bugzilla.suse.com/1225438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47523"
},
{
"cve": "CVE-2021-47541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()\n\nIn mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and\ntmp-\u003etx_cq will be freed on the error path of mlx4_en_copy_priv().\nAfter that mlx4_en_alloc_resources() is called and there is a dereference\nof \u0026tmp-\u003etx_cq[t][i] in mlx4_en_alloc_resources(), which could lead to\na use after free problem on failure of mlx4_en_copy_priv().\n\nFix this bug by adding a check of mlx4_en_copy_priv()\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_MLX4_EN=m show no new warnings,\nand our static analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47541",
"url": "https://www.suse.com/security/cve/CVE-2021-47541"
},
{
"category": "external",
"summary": "SUSE Bug 1225453 for CVE-2021-47541",
"url": "https://bugzilla.suse.com/1225453"
},
{
"category": "external",
"summary": "SUSE Bug 1225454 for CVE-2021-47541",
"url": "https://bugzilla.suse.com/1225454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2021-47541"
},
{
"cve": "CVE-2021-47548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()\n\nThe if statement:\n if (port \u003e= DSAF_GE_NUM)\n return;\n\nlimits the value of port less than DSAF_GE_NUM (i.e., 8).\nHowever, if the value of port is 6 or 7, an array overflow could occur:\n port_rst_off = dsaf_dev-\u003emac_cb[port]-\u003eport_rst_off;\n\nbecause the length of dsaf_dev-\u003emac_cb is DSAF_MAX_PORT_NUM (i.e., 6).\n\nTo fix this possible array overflow, we first check port and if it is\ngreater than or equal to DSAF_MAX_PORT_NUM, the function returns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47548",
"url": "https://www.suse.com/security/cve/CVE-2021-47548"
},
{
"category": "external",
"summary": "SUSE Bug 1225506 for CVE-2021-47548",
"url": "https://bugzilla.suse.com/1225506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47548"
},
{
"cve": "CVE-2021-47565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix kernel panic during drive powercycle test\n\nWhile looping over shost\u0027s sdev list it is possible that one\nof the drives is getting removed and its sas_target object is\nfreed but its sdev object remains intact.\n\nConsequently, a kernel panic can occur while the driver is trying to access\nthe sas_address field of sas_target object without also checking the\nsas_target object for NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47565",
"url": "https://www.suse.com/security/cve/CVE-2021-47565"
},
{
"category": "external",
"summary": "SUSE Bug 1225384 for CVE-2021-47565",
"url": "https://bugzilla.suse.com/1225384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2021-47565"
},
{
"cve": "CVE-2022-48636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu-\u003elock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu-\u003elock held.\n\nFix by checking the pavgroup pointer with lcu-\u003elock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48636",
"url": "https://www.suse.com/security/cve/CVE-2022-48636"
},
{
"category": "external",
"summary": "SUSE Bug 1223512 for CVE-2022-48636",
"url": "https://bugzilla.suse.com/1223512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2022-48636"
},
{
"cve": "CVE-2022-48650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()\n\nCommit 8f394da36a36 (\"scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG\")\nmade the __qlt_24xx_handle_abts() function return early if\ntcm_qla2xxx_find_cmd_by_tag() didn\u0027t find a command, but it missed to clean\nup the allocated memory for the management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48650",
"url": "https://www.suse.com/security/cve/CVE-2022-48650"
},
{
"category": "external",
"summary": "SUSE Bug 1223509 for CVE-2022-48650",
"url": "https://bugzilla.suse.com/1223509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2022-48650"
},
{
"cve": "CVE-2022-48672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: fdt: fix off-by-one error in unflatten_dt_nodes()\n\nCommit 78c44d910d3e (\"drivers/of: Fix depth when unflattening devicetree\")\nforgot to fix up the depth check in the loop body in unflatten_dt_nodes()\nwhich makes it possible to overflow the nps[] buffer...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48672",
"url": "https://www.suse.com/security/cve/CVE-2022-48672"
},
{
"category": "external",
"summary": "SUSE Bug 1223931 for CVE-2022-48672",
"url": "https://bugzilla.suse.com/1223931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2022-48672"
},
{
"cve": "CVE-2022-48686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix UAF when detecting digest errors\n\nWe should also bail from the io_work loop when we set rd_enabled to true,\nso we don\u0027t attempt to read data from the socket when the TCP stream is\nalready out-of-sync or corrupted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48686",
"url": "https://www.suse.com/security/cve/CVE-2022-48686"
},
{
"category": "external",
"summary": "SUSE Bug 1223948 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "external",
"summary": "SUSE Bug 1226337 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1226337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2022-48686"
},
{
"cve": "CVE-2022-48697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a use-after-free\n\nFix the following use-after-free complaint triggered by blktests nvme/004:\n\nBUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350\nRead of size 4 at addr 0000607bd1835943 by task kworker/13:1/460\nWorkqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\nCall Trace:\n show_stack+0x52/0x58\n dump_stack_lvl+0x49/0x5e\n print_report.cold+0x36/0x1e2\n kasan_report+0xb9/0xf0\n __asan_load4+0x6b/0x80\n blk_mq_complete_request_remote+0xac/0x350\n nvme_loop_queue_response+0x1df/0x275 [nvme_loop]\n __nvmet_req_complete+0x132/0x4f0 [nvmet]\n nvmet_req_complete+0x15/0x40 [nvmet]\n nvmet_execute_io_connect+0x18a/0x1f0 [nvmet]\n nvme_loop_execute_work+0x20/0x30 [nvme_loop]\n process_one_work+0x56e/0xa70\n worker_thread+0x2d1/0x640\n kthread+0x183/0x1c0\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48697",
"url": "https://www.suse.com/security/cve/CVE-2022-48697"
},
{
"category": "external",
"summary": "SUSE Bug 1223922 for CVE-2022-48697",
"url": "https://bugzilla.suse.com/1223922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2022-48697"
},
{
"cve": "CVE-2022-48702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()\n\nThe voice allocator sometimes begins allocating from near the end of the\narray and then wraps around, however snd_emu10k1_pcm_channel_alloc()\naccesses the newly allocated voices as if it never wrapped around.\n\nThis results in out of bounds access if the first voice has a high enough\nindex so that first_voice + requested_voice_count \u003e NUM_G (64).\nThe more voices are requested, the more likely it is for this to occur.\n\nThis was initially discovered using PipeWire, however it can be reproduced\nby calling aplay multiple times with 16 channels:\naplay -r 48000 -D plughw:CARD=Live,DEV=3 -c 16 /dev/zero\n\nUBSAN: array-index-out-of-bounds in sound/pci/emu10k1/emupcm.c:127:40\nindex 65 is out of range for type \u0027snd_emu10k1_voice [64]\u0027\nCPU: 1 PID: 31977 Comm: aplay Tainted: G W IOE 6.0.0-rc2-emu10k1+ #7\nHardware name: ASUSTEK COMPUTER INC P5W DH Deluxe/P5W DH Deluxe, BIOS 3002 07/22/2010\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x49/0x63\ndump_stack+0x10/0x16\nubsan_epilogue+0x9/0x3f\n__ubsan_handle_out_of_bounds.cold+0x44/0x49\nsnd_emu10k1_playback_hw_params+0x3bc/0x420 [snd_emu10k1]\nsnd_pcm_hw_params+0x29f/0x600 [snd_pcm]\nsnd_pcm_common_ioctl+0x188/0x1410 [snd_pcm]\n? exit_to_user_mode_prepare+0x35/0x170\n? do_syscall_64+0x69/0x90\n? syscall_exit_to_user_mode+0x26/0x50\n? do_syscall_64+0x69/0x90\n? exit_to_user_mode_prepare+0x35/0x170\nsnd_pcm_ioctl+0x27/0x40 [snd_pcm]\n__x64_sys_ioctl+0x95/0xd0\ndo_syscall_64+0x5c/0x90\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48702",
"url": "https://www.suse.com/security/cve/CVE-2022-48702"
},
{
"category": "external",
"summary": "SUSE Bug 1223923 for CVE-2022-48702",
"url": "https://bugzilla.suse.com/1223923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2022-48702"
},
{
"cve": "CVE-2022-48704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: add a force flush to delay work when radeon\n\nAlthough radeon card fence and wait for gpu to finish processing current batch rings,\nthere is still a corner case that radeon lockup work queue may not be fully flushed,\nand meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to\nput device in D3hot state.\nPer PCI spec rev 4.0 on 5.3.1.4.1 D3hot State.\n\u003e Configuration and Message requests are the only TLPs accepted by a Function in\n\u003e the D3hot state. All other received Requests must be handled as Unsupported Requests,\n\u003e and all received Completions may optionally be handled as Unexpected Completions.\nThis issue will happen in following logs:\nUnable to handle kernel paging request at virtual address 00008800e0008010\nCPU 0 kworker/0:3(131): Oops 0\npc = [\u003cffffffff811bea5c\u003e] ra = [\u003cffffffff81240844\u003e] ps = 0000 Tainted: G W\npc is at si_gpu_check_soft_reset+0x3c/0x240\nra is at si_dma_is_lockup+0x34/0xd0\nv0 = 0000000000000000 t0 = fff08800e0008010 t1 = 0000000000010000\nt2 = 0000000000008010 t3 = fff00007e3c00000 t4 = fff00007e3c00258\nt5 = 000000000000ffff t6 = 0000000000000001 t7 = fff00007ef078000\ns0 = fff00007e3c016e8 s1 = fff00007e3c00000 s2 = fff00007e3c00018\ns3 = fff00007e3c00000 s4 = fff00007fff59d80 s5 = 0000000000000000\ns6 = fff00007ef07bd98\na0 = fff00007e3c00000 a1 = fff00007e3c016e8 a2 = 0000000000000008\na3 = 0000000000000001 a4 = 8f5c28f5c28f5c29 a5 = ffffffff810f4338\nt8 = 0000000000000275 t9 = ffffffff809b66f8 t10 = ff6769c5d964b800\nt11= 000000000000b886 pv = ffffffff811bea20 at = 0000000000000000\ngp = ffffffff81d89690 sp = 00000000aa814126\nDisabling lock debugging due to kernel taint\nTrace:\n[\u003cffffffff81240844\u003e] si_dma_is_lockup+0x34/0xd0\n[\u003cffffffff81119610\u003e] radeon_fence_check_lockup+0xd0/0x290\n[\u003cffffffff80977010\u003e] process_one_work+0x280/0x550\n[\u003cffffffff80977350\u003e] worker_thread+0x70/0x7c0\n[\u003cffffffff80977410\u003e] worker_thread+0x130/0x7c0\n[\u003cffffffff80982040\u003e] kthread+0x200/0x210\n[\u003cffffffff809772e0\u003e] worker_thread+0x0/0x7c0\n[\u003cffffffff80981f8c\u003e] kthread+0x14c/0x210\n[\u003cffffffff80911658\u003e] ret_from_kernel_thread+0x18/0x20\n[\u003cffffffff80981e40\u003e] kthread+0x0/0x210\n Code: ad3e0008 43f0074a ad7e0018 ad9e0020 8c3001e8 40230101\n \u003c88210000\u003e 4821ed21\nSo force lockup work queue flush to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48704",
"url": "https://www.suse.com/security/cve/CVE-2022-48704"
},
{
"category": "external",
"summary": "SUSE Bug 1223932 for CVE-2022-48704",
"url": "https://bugzilla.suse.com/1223932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2022-48704"
},
{
"cve": "CVE-2022-48708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference\n\nAdded checking of pointer \"function\" in pcs_set_mux().\npinmux_generic_get_function() can return NULL and the pointer\n\"function\" was dereferenced without checking against NULL.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48708",
"url": "https://www.suse.com/security/cve/CVE-2022-48708"
},
{
"category": "external",
"summary": "SUSE Bug 1224942 for CVE-2022-48708",
"url": "https://bugzilla.suse.com/1224942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2022-48708"
},
{
"cve": "CVE-2022-48710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix a possible null pointer dereference\n\nIn radeon_fp_native_mode(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.\n\nThe failure status of drm_cvt_mode() on the other path is checked too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48710",
"url": "https://www.suse.com/security/cve/CVE-2022-48710"
},
{
"category": "external",
"summary": "SUSE Bug 1225230 for CVE-2022-48710",
"url": "https://bugzilla.suse.com/1225230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2022-48710"
},
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-1829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1829"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1829",
"url": "https://www.suse.com/security/cve/CVE-2023-1829"
},
{
"category": "external",
"summary": "SUSE Bug 1210335 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "external",
"summary": "SUSE Bug 1210619 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1220886 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1220886"
},
{
"category": "external",
"summary": "SUSE Bug 1228311 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1228311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2023-1829"
},
{
"cve": "CVE-2023-42755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-42755"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-42755",
"url": "https://www.suse.com/security/cve/CVE-2023-42755"
},
{
"category": "external",
"summary": "SUSE Bug 1215702 for CVE-2023-42755",
"url": "https://bugzilla.suse.com/1215702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-42755"
},
{
"cve": "CVE-2023-47233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47233"
}
],
"notes": [
{
"category": "general",
"text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47233",
"url": "https://www.suse.com/security/cve/CVE-2023-47233"
},
{
"category": "external",
"summary": "SUSE Bug 1216702 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-52527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()\n\nIncluding the transhdrlen in length is a problem when the packet is\npartially filled (e.g. something like send(MSG_MORE) happened previously)\nwhen appending to an IPv4 or IPv6 packet as we don\u0027t want to repeat the\ntransport header or account for it twice. This can happen under some\ncircumstances, such as splicing into an L2TP socket.\n\nThe symptom observed is a warning in __ip6_append_data():\n\n WARNING: CPU: 1 PID: 5042 at net/ipv6/ip6_output.c:1800 __ip6_append_data.isra.0+0x1be8/0x47f0 net/ipv6/ip6_output.c:1800\n\nthat occurs when MSG_SPLICE_PAGES is used to append more data to an already\npartially occupied skbuff. The warning occurs when \u0027copy\u0027 is larger than\nthe amount of data in the message iterator. This is because the requested\nlength includes the transport header length when it shouldn\u0027t. This can be\ntriggered by, for example:\n\n sfd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_L2TP);\n bind(sfd, ...); // ::1\n connect(sfd, ...); // ::1 port 7\n send(sfd, buffer, 4100, MSG_MORE);\n sendfile(sfd, dfd, NULL, 1024);\n\nFix this by only adding transhdrlen into the length if the write queue is\nempty in l2tp_ip6_sendmsg(), analogously to how UDP does things.\n\nl2tp_ip_sendmsg() looks like it won\u0027t suffer from this problem as it builds\nthe UDP packet itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52527",
"url": "https://www.suse.com/security/cve/CVE-2023-52527"
},
{
"category": "external",
"summary": "SUSE Bug 1220928 for CVE-2023-52527",
"url": "https://bugzilla.suse.com/1220928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52527"
},
{
"cve": "CVE-2023-52586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52586"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add mutex lock in control vblank irq\n\nAdd a mutex lock to control vblank irq to synchronize vblank\nenable/disable operations happening from different threads to prevent\nrace conditions while registering/unregistering the vblank irq callback.\n\nv4: -Removed vblank_ctl_lock from dpu_encoder_virt, so it is only a\n parameter of dpu_encoder_phys.\n -Switch from atomic refcnt to a simple int counter as mutex has\n now been added\nv3: Mistakenly did not change wording in last version. It is done now.\nv2: Slightly changed wording of commit message\n\nPatchwork: https://patchwork.freedesktop.org/patch/571854/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52586",
"url": "https://www.suse.com/security/cve/CVE-2023-52586"
},
{
"category": "external",
"summary": "SUSE Bug 1221081 for CVE-2023-52586",
"url": "https://bugzilla.suse.com/1221081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52586"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix mremap after fork null-deref\n\nCommit e4a0d3e720e7 (\"aio: Make it possible to remap aio ring\") introduced\na null-deref if mremap is called on an old aio mapping after fork as\nmm-\u003eioctx_table will be set to NULL.\n\n[jmoyer@redhat.com: fix 80 column issue]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52646",
"url": "https://www.suse.com/security/cve/CVE-2023-52646"
},
{
"category": "external",
"summary": "SUSE Bug 1223432 for CVE-2023-52646",
"url": "https://bugzilla.suse.com/1223432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-52655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: aqc111: check packet for fixup for true limit\n\nIf a device sends a packet that is inbetween 0\nand sizeof(u64) the value passed to skb_trim()\nas length will wrap around ending up as some very\nlarge value.\n\nThe driver will then proceed to parse the header\nlocated at that position, which will either oops or\nprocess some random value.\n\nThe fix is to check against sizeof(u64) rather than\n0, which the driver currently does. The issue exists\nsince the introduction of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52655",
"url": "https://www.suse.com/security/cve/CVE-2023-52655"
},
{
"category": "external",
"summary": "SUSE Bug 1217169 for CVE-2023-52655",
"url": "https://bugzilla.suse.com/1217169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: eliminate double free in error handling logic\n\nDriver has a logic leak in ring data allocation/free,\nwhere aq_ring_free could be called multiple times on same ring,\nif system is under stress and got memory allocation error.\n\nRing pointer was used as an indicator of failure, but this is\nnot correct since only ring data is allocated/deallocated.\nRing itself is an array member.\n\nChanging ring allocation functions to return error code directly.\nThis simplifies error handling and eliminates aq_ring_free\non higher layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52664",
"url": "https://www.suse.com/security/cve/CVE-2023-52664"
},
{
"category": "external",
"summary": "SUSE Bug 1224747 for CVE-2023-52664",
"url": "https://bugzilla.suse.com/1224747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52664"
},
{
"cve": "CVE-2023-52685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52685"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52685",
"url": "https://www.suse.com/security/cve/CVE-2023-52685"
},
{
"category": "external",
"summary": "SUSE Bug 1224728 for CVE-2023-52685",
"url": "https://bugzilla.suse.com/1224728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52685"
},
{
"cve": "CVE-2023-52686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_event_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52686",
"url": "https://www.suse.com/security/cve/CVE-2023-52686"
},
{
"category": "external",
"summary": "SUSE Bug 1224682 for CVE-2023-52686",
"url": "https://bugzilla.suse.com/1224682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev-\u003epm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52691",
"url": "https://www.suse.com/security/cve/CVE-2023-52691"
},
{
"category": "external",
"summary": "SUSE Bug 1224607 for CVE-2023-52691",
"url": "https://bugzilla.suse.com/1224607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52691"
},
{
"cve": "CVE-2023-52696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_powercap_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52696",
"url": "https://www.suse.com/security/cve/CVE-2023-52696"
},
{
"category": "external",
"summary": "SUSE Bug 1224601 for CVE-2023-52696",
"url": "https://bugzilla.suse.com/1224601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52696"
},
{
"cve": "CVE-2023-52698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: fix memory leak in netlbl_calipso_add_pass()\n\nIf IPv6 support is disabled at boot (ipv6.disable=1),\nthe calipso_init() -\u003e netlbl_calipso_ops_register() function isn\u0027t called,\nand the netlbl_calipso_ops_get() function always returns NULL.\nIn this case, the netlbl_calipso_add_pass() function allocates memory\nfor the doi_def variable but doesn\u0027t free it with the calipso_doi_free().\n\nBUG: memory leak\nunreferenced object 0xffff888011d68180 (size 64):\n comm \"syz-executor.1\", pid 10746, jiffies 4295410986 (age 17.928s)\n hex dump (first 32 bytes):\n 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c...\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c...\u003e] netlbl_calipso_add_pass net/netlabel/netlabel_calipso.c:76 [inline]\n [\u003c...\u003e] netlbl_calipso_add+0x22e/0x4f0 net/netlabel/netlabel_calipso.c:111\n [\u003c...\u003e] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n [\u003c...\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [\u003c...\u003e] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n [\u003c...\u003e] netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2515\n [\u003c...\u003e] genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n [\u003c...\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [\u003c...\u003e] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1339\n [\u003c...\u003e] netlink_sendmsg+0x90a/0xdf0 net/netlink/af_netlink.c:1934\n [\u003c...\u003e] sock_sendmsg_nosec net/socket.c:651 [inline]\n [\u003c...\u003e] sock_sendmsg+0x157/0x190 net/socket.c:671\n [\u003c...\u003e] ____sys_sendmsg+0x712/0x870 net/socket.c:2342\n [\u003c...\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2396\n [\u003c...\u003e] __sys_sendmsg+0xea/0x1b0 net/socket.c:2429\n [\u003c...\u003e] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [\u003c...\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller\n\n[PM: merged via the LSM tree at Jakub Kicinski request]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52698",
"url": "https://www.suse.com/security/cve/CVE-2023-52698"
},
{
"category": "external",
"summary": "SUSE Bug 1224621 for CVE-2023-52698",
"url": "https://bugzilla.suse.com/1224621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52698"
},
{
"cve": "CVE-2023-52703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/usb: kalmia: Don\u0027t pass act_len in usb_bulk_msg error path\n\nsyzbot reported that act_len in kalmia_send_init_packet() is\nuninitialized when passing it to the first usb_bulk_msg error path. Jiri\nPirko noted that it\u0027s pointless to pass it in the error path, and that\nthe value that would be printed in the second error path would be the\nvalue of act_len from the first call to usb_bulk_msg.[1]\n\nWith this in mind, let\u0027s just not pass act_len to the usb_bulk_msg error\npaths.\n\n1: https://lore.kernel.org/lkml/Y9pY61y1nwTuzMOa@nanopsycho/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52703",
"url": "https://www.suse.com/security/cve/CVE-2023-52703"
},
{
"category": "external",
"summary": "SUSE Bug 1225549 for CVE-2023-52703",
"url": "https://bugzilla.suse.com/1225549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2023-52703"
},
{
"cve": "CVE-2023-52730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won\u0027t call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of \u0027card-\u003edev\u0027 is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c000000002f839ccb\u003e] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [\u003c0000000004adcbf6\u003e] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [\u003c000000007538fea0\u003e] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c00000000fcbe706c\u003e] sdio_alloc_func+0x35/0x100 [mmc_core]\n [\u003c00000000c68f4b50\u003e] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52730",
"url": "https://www.suse.com/security/cve/CVE-2023-52730"
},
{
"category": "external",
"summary": "SUSE Bug 1224956 for CVE-2023-52730",
"url": "https://bugzilla.suse.com/1224956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52730"
},
{
"cve": "CVE-2023-52732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: blocklist the kclient when receiving corrupted snap trace\n\nWhen received corrupted snap trace we don\u0027t know what exactly has\nhappened in MDS side. And we shouldn\u0027t continue IOs and metadatas\naccess to MDS, which may corrupt or get incorrect contents.\n\nThis patch will just block all the further IO/MDS requests\nimmediately and then evict the kclient itself.\n\nThe reason why we still need to evict the kclient just after\nblocking all the further IOs is that the MDS could revoke the caps\nfaster.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52732",
"url": "https://www.suse.com/security/cve/CVE-2023-52732"
},
{
"category": "external",
"summary": "SUSE Bug 1225222 for CVE-2023-52732",
"url": "https://bugzilla.suse.com/1225222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52732"
},
{
"cve": "CVE-2023-52741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix use-after-free in rdata-\u003eread_into_pages()\n\nWhen the network status is unstable, use-after-free may occur when\nread data from the server.\n\n BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7e0\n\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x38/0x4c\n print_report+0x16f/0x4a6\n kasan_report+0xb7/0x130\n readpages_fill_pages+0x14c/0x7e0\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n \u003c/TASK\u003e\n\n Allocated by task 2535:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n __kasan_kmalloc+0x82/0x90\n cifs_readdata_direct_alloc+0x2c/0x110\n cifs_readdata_alloc+0x2d/0x60\n cifs_readahead+0x393/0xfe0\n read_pages+0x12f/0x470\n page_cache_ra_unbounded+0x1b1/0x240\n filemap_get_pages+0x1c8/0x9a0\n filemap_read+0x1c0/0x540\n cifs_strict_readv+0x21b/0x240\n vfs_read+0x395/0x4b0\n ksys_read+0xb8/0x150\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\n Freed by task 79:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n kasan_save_free_info+0x2e/0x50\n __kasan_slab_free+0x10e/0x1a0\n __kmem_cache_free+0x7a/0x1a0\n cifs_readdata_release+0x49/0x60\n process_one_work+0x46c/0x760\n worker_thread+0x2a4/0x6f0\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\n Last potentially related work creation:\n kasan_save_stack+0x22/0x50\n __kasan_record_aux_stack+0x95/0xb0\n insert_work+0x2b/0x130\n __queue_work+0x1fe/0x660\n queue_work_on+0x4b/0x60\n smb2_readv_callback+0x396/0x800\n cifs_abort_connection+0x474/0x6a0\n cifs_reconnect+0x5cb/0xa50\n cifs_readv_from_socket.cold+0x22/0x6c\n cifs_read_page_from_socket+0xc1/0x100\n readpages_fill_pages.cold+0x2f/0x46\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\nThe following function calls will cause UAF of the rdata pointer.\n\nreadpages_fill_pages\n cifs_read_page_from_socket\n cifs_readv_from_socket\n cifs_reconnect\n __cifs_reconnect\n cifs_abort_connection\n mid-\u003ecallback() --\u003e smb2_readv_callback\n queue_work(\u0026rdata-\u003ework) # if the worker completes first,\n # the rdata is freed\n cifs_readv_complete\n kref_put\n cifs_readdata_release\n kfree(rdata)\n return rdata-\u003e... # UAF in readpages_fill_pages()\n\nSimilarly, this problem also occurs in the uncache_fill_pages().\n\nFix this by adjusts the order of condition judgment in the return\nstatement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52741",
"url": "https://www.suse.com/security/cve/CVE-2023-52741"
},
{
"category": "external",
"summary": "SUSE Bug 1225479 for CVE-2023-52741",
"url": "https://bugzilla.suse.com/1225479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52741"
},
{
"cve": "CVE-2023-52742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: USB: Fix wrong-direction WARNING in plusb.c\n\nThe syzbot fuzzer detected a bug in the plusb network driver: A\nzero-length control-OUT transfer was treated as a read instead of a\nwrite. In modern kernels this error provokes a WARNING:\n\nusb 1-1: BOGUS control dir, pipe 80000280 doesn\u0027t match bRequestType c0\nWARNING: CPU: 0 PID: 4645 at drivers/usb/core/urb.c:411\nusb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\nModules linked in:\nCPU: 1 PID: 4645 Comm: dhcpcd Not tainted\n6.2.0-rc6-syzkaller-00050-g9f266ccaa2f5 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google\n01/12/2023\nRIP: 0010:usb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x101/0x4b0 drivers/usb/core/message.c:58\n usb_internal_control_msg drivers/usb/core/message.c:102 [inline]\n usb_control_msg+0x320/0x4a0 drivers/usb/core/message.c:153\n __usbnet_read_cmd+0xb9/0x390 drivers/net/usb/usbnet.c:2010\n usbnet_read_cmd+0x96/0xf0 drivers/net/usb/usbnet.c:2068\n pl_vendor_req drivers/net/usb/plusb.c:60 [inline]\n pl_set_QuickLink_features drivers/net/usb/plusb.c:75 [inline]\n pl_reset+0x2f/0xf0 drivers/net/usb/plusb.c:85\n usbnet_open+0xcc/0x5d0 drivers/net/usb/usbnet.c:889\n __dev_open+0x297/0x4d0 net/core/dev.c:1417\n __dev_change_flags+0x587/0x750 net/core/dev.c:8530\n dev_change_flags+0x97/0x170 net/core/dev.c:8602\n devinet_ioctl+0x15a2/0x1d70 net/ipv4/devinet.c:1147\n inet_ioctl+0x33f/0x380 net/ipv4/af_inet.c:979\n sock_do_ioctl+0xcc/0x230 net/socket.c:1169\n sock_ioctl+0x1f8/0x680 net/socket.c:1286\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe fix is to call usbnet_write_cmd() instead of usbnet_read_cmd() and\nremove the USB_DIR_IN flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52742",
"url": "https://www.suse.com/security/cve/CVE-2023-52742"
},
{
"category": "external",
"summary": "SUSE Bug 1225482 for CVE-2023-52742",
"url": "https://bugzilla.suse.com/1225482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52742"
},
{
"cve": "CVE-2023-52747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Restore allocated resources on failed copyout\n\nFix a resource leak if an error occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52747",
"url": "https://www.suse.com/security/cve/CVE-2023-52747"
},
{
"category": "external",
"summary": "SUSE Bug 1224931 for CVE-2023-52747",
"url": "https://bugzilla.suse.com/1224931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52747"
},
{
"cve": "CVE-2023-52759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52759"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52759",
"url": "https://www.suse.com/security/cve/CVE-2023-52759"
},
{
"category": "external",
"summary": "SUSE Bug 1225560 for CVE-2023-52759",
"url": "https://bugzilla.suse.com/1225560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52759"
},
{
"cve": "CVE-2023-52774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52774"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52774",
"url": "https://www.suse.com/security/cve/CVE-2023-52774"
},
{
"category": "external",
"summary": "SUSE Bug 1225572 for CVE-2023-52774",
"url": "https://bugzilla.suse.com/1225572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction \u0027usb_get_bos_descriptor()\u0027 encounters an iteration issue when\nskipping the \u0027USB_DT_DEVICE_CAPABILITY\u0027 descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a \u0027goto\u0027 statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52781",
"url": "https://www.suse.com/security/cve/CVE-2023-52781"
},
{
"category": "external",
"summary": "SUSE Bug 1225092 for CVE-2023-52781",
"url": "https://bugzilla.suse.com/1225092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52781"
},
{
"cve": "CVE-2023-52796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 \u003c41\u003e 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003c#DF\u003e\n\u003c/#DF\u003e\n\u003cTASK\u003e\n[\u003cffffffff81f281d1\u003e] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[\u003cffffffff817e5bf2\u003e] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[\u003cffffffff817e5bf2\u003e] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[\u003cffffffff817e5bf2\u003e] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[\u003cffffffff817e5bf2\u003e] cpu_online include/linux/cpumask.h:1092 [inline]\n[\u003cffffffff817e5bf2\u003e] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[\u003cffffffff817e5bf2\u003e] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[\u003cffffffff8563221e\u003e] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[\u003cffffffff8561464d\u003e] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[\u003cffffffff8561464d\u003e] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[\u003cffffffff85618120\u003e] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[\u003cffffffff856f65b5\u003e] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[\u003cffffffff856f65b5\u003e] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[\u003cffffffff85618009\u003e] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[\u003cffffffff8561821a\u003e] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[\u003cffffffff838bd5a3\u003e] ip6_route_output include/net/ip6_route.h:100 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[\u003cffffffff838c2909\u003e] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[\u003cffffffff84d03900\u003e] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[\u003cffffffff84d03900\u003e] xmit_one net/core/dev.c:3644 [inline]\n[\u003cffffffff84d03900\u003e] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[\u003cffffffff84d080e2\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff855ce4cd\u003e] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[\u003cffffffff855ce4cd\u003e] neigh_hh_output include/net/neighbour.h:529 [inline]\n[\u003cf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52796",
"url": "https://www.suse.com/security/cve/CVE-2023-52796"
},
{
"category": "external",
"summary": "SUSE Bug 1224930 for CVE-2023-52796",
"url": "https://bugzilla.suse.com/1224930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52796"
},
{
"cve": "CVE-2023-52803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[ 250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[ 250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[ 250.500549] Workqueue: events rpc_free_client_work\n[ 250.501001] Call Trace:\n[ 250.502880] kasan_report+0xb6/0xf0\n[ 250.503209] ? dget_parent+0x195/0x200\n[ 250.503561] dget_parent+0x195/0x200\n[ 250.503897] ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[ 250.504384] rpc_rmdir_depopulate+0x1b/0x90\n[ 250.504781] rpc_remove_client_dir+0xf5/0x150\n[ 250.505195] rpc_free_client_work+0xe4/0x230\n[ 250.505598] process_one_work+0x8ee/0x13b0\n...\n[ 22.039056] Allocated by task 244:\n[ 22.039390] kasan_save_stack+0x22/0x50\n[ 22.039758] kasan_set_track+0x25/0x30\n[ 22.040109] __kasan_slab_alloc+0x59/0x70\n[ 22.040487] kmem_cache_alloc_lru+0xf0/0x240\n[ 22.040889] __d_alloc+0x31/0x8e0\n[ 22.041207] d_alloc+0x44/0x1f0\n[ 22.041514] __rpc_lookup_create_exclusive+0x11c/0x140\n[ 22.041987] rpc_mkdir_populate.constprop.0+0x5f/0x110\n[ 22.042459] rpc_create_client_dir+0x34/0x150\n[ 22.042874] rpc_setup_pipedir_sb+0x102/0x1c0\n[ 22.043284] rpc_client_register+0x136/0x4e0\n[ 22.043689] rpc_new_client+0x911/0x1020\n[ 22.044057] rpc_create_xprt+0xcb/0x370\n[ 22.044417] rpc_create+0x36b/0x6c0\n...\n[ 22.049524] Freed by task 0:\n[ 22.049803] kasan_save_stack+0x22/0x50\n[ 22.050165] kasan_set_track+0x25/0x30\n[ 22.050520] kasan_save_free_info+0x2b/0x50\n[ 22.050921] __kasan_slab_free+0x10e/0x1a0\n[ 22.051306] kmem_cache_free+0xa5/0x390\n[ 22.051667] rcu_core+0x62c/0x1930\n[ 22.051995] __do_softirq+0x165/0x52a\n[ 22.052347]\n[ 22.052503] Last potentially related work creation:\n[ 22.052952] kasan_save_stack+0x22/0x50\n[ 22.053313] __kasan_record_aux_stack+0x8e/0xa0\n[ 22.053739] __call_rcu_common.constprop.0+0x6b/0x8b0\n[ 22.054209] dentry_free+0xb2/0x140\n[ 22.054540] __dentry_kill+0x3be/0x540\n[ 22.054900] shrink_dentry_list+0x199/0x510\n[ 22.055293] shrink_dcache_parent+0x190/0x240\n[ 22.055703] do_one_tree+0x11/0x40\n[ 22.056028] shrink_dcache_for_umount+0x61/0x140\n[ 22.056461] generic_shutdown_super+0x70/0x590\n[ 22.056879] kill_anon_super+0x3a/0x60\n[ 22.057234] rpc_kill_sb+0x121/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52803",
"url": "https://www.suse.com/security/cve/CVE-2023-52803"
},
{
"category": "external",
"summary": "SUSE Bug 1225008 for CVE-2023-52803",
"url": "https://bugzilla.suse.com/1225008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52803"
},
{
"cve": "CVE-2023-52821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel: fix a possible null pointer dereference\n\nIn versatile_panel_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52821",
"url": "https://www.suse.com/security/cve/CVE-2023-52821"
},
{
"category": "external",
"summary": "SUSE Bug 1225022 for CVE-2023-52821",
"url": "https://bugzilla.suse.com/1225022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52821"
},
{
"cve": "CVE-2023-52864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp-\u003eprivate_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52864",
"url": "https://www.suse.com/security/cve/CVE-2023-52864"
},
{
"category": "external",
"summary": "SUSE Bug 1225132 for CVE-2023-52864",
"url": "https://bugzilla.suse.com/1225132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52864"
},
{
"cve": "CVE-2023-52865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52865",
"url": "https://www.suse.com/security/cve/CVE-2023-52865"
},
{
"category": "external",
"summary": "SUSE Bug 1225086 for CVE-2023-52865",
"url": "https://bugzilla.suse.com/1225086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52865"
},
{
"cve": "CVE-2023-52867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: possible buffer overflow\n\nBuffer \u0027afmt_status\u0027 of size 6 could overflow, since index \u0027afmt_idx\u0027 is\nchecked after access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52867",
"url": "https://www.suse.com/security/cve/CVE-2023-52867"
},
{
"category": "external",
"summary": "SUSE Bug 1225009 for CVE-2023-52867",
"url": "https://bugzilla.suse.com/1225009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52867"
},
{
"cve": "CVE-2023-52875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52875",
"url": "https://www.suse.com/security/cve/CVE-2023-52875"
},
{
"category": "external",
"summary": "SUSE Bug 1225096 for CVE-2023-52875",
"url": "https://bugzilla.suse.com/1225096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2023-52875"
},
{
"cve": "CVE-2023-52880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc\n\nAny unprivileged user can attach N_GSM0710 ldisc, but it requires\nCAP_NET_ADMIN to create a GSM network anyway.\n\nRequire initial namespace CAP_NET_ADMIN to do that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52880",
"url": "https://www.suse.com/security/cve/CVE-2023-52880"
},
{
"category": "external",
"summary": "SUSE Bug 1222619 for CVE-2023-52880",
"url": "https://bugzilla.suse.com/1222619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2023-52880"
},
{
"cve": "CVE-2024-0639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0639"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u0027s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0639",
"url": "https://www.suse.com/security/cve/CVE-2024-0639"
},
{
"category": "external",
"summary": "SUSE Bug 1218917 for CVE-2024-0639",
"url": "https://bugzilla.suse.com/1218917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-26625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26625"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: call sock_orphan() at release time\n\nsyzbot reported an interesting trace [1] caused by a stale sk-\u003esk_wq\npointer in a closed llc socket.\n\nIn commit ff7b11aa481f (\"net: socket: set sock-\u003esk to NULL after\ncalling proto_ops::release()\") Eric Biggers hinted that some protocols\nare missing a sock_orphan(), we need to perform a full audit.\n\nIn net-next, I plan to clear sock-\u003esk from sock_orphan() and\namend Eric patch to add a warning.\n\n[1]\n BUG: KASAN: slab-use-after-free in list_empty include/linux/list.h:373 [inline]\n BUG: KASAN: slab-use-after-free in waitqueue_active include/linux/wait.h:127 [inline]\n BUG: KASAN: slab-use-after-free in sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n BUG: KASAN: slab-use-after-free in sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\nRead of size 8 at addr ffff88802f4fc880 by task ksoftirqd/1/27\n\nCPU: 1 PID: 27 Comm: ksoftirqd/1 Not tainted 6.8.0-rc1-syzkaller-00049-g6098d87eaf31 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc4/0x620 mm/kasan/report.c:488\n kasan_report+0xda/0x110 mm/kasan/report.c:601\n list_empty include/linux/list.h:373 [inline]\n waitqueue_active include/linux/wait.h:127 [inline]\n sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\n skb_release_head_state+0xa3/0x2b0 net/core/skbuff.c:1080\n skb_release_all net/core/skbuff.c:1092 [inline]\n napi_consume_skb+0x119/0x2b0 net/core/skbuff.c:1404\n e1000_unmap_and_free_tx_resource+0x144/0x200 drivers/net/ethernet/intel/e1000/e1000_main.c:1970\n e1000_clean_tx_irq drivers/net/ethernet/intel/e1000/e1000_main.c:3860 [inline]\n e1000_clean+0x4a1/0x26e0 drivers/net/ethernet/intel/e1000/e1000_main.c:3801\n __napi_poll.constprop.0+0xb4/0x540 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x956/0xe90 net/core/dev.c:6778\n __do_softirq+0x21a/0x8de kernel/softirq.c:553\n run_ksoftirqd kernel/softirq.c:921 [inline]\n run_ksoftirqd+0x31/0x60 kernel/softirq.c:913\n smpboot_thread_fn+0x660/0xa10 kernel/smpboot.c:164\n kthread+0x2c6/0x3a0 kernel/kthread.c:388\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n \u003c/TASK\u003e\n\nAllocated by task 5167:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:314 [inline]\n __kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:340\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3813 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_lru+0x142/0x6f0 mm/slub.c:3879\n alloc_inode_sb include/linux/fs.h:3019 [inline]\n sock_alloc_inode+0x25/0x1c0 net/socket.c:308\n alloc_inode+0x5d/0x220 fs/inode.c:260\n new_inode_pseudo+0x16/0x80 fs/inode.c:1005\n sock_alloc+0x40/0x270 net/socket.c:634\n __sock_create+0xbc/0x800 net/socket.c:1535\n sock_create net/socket.c:1622 [inline]\n __sys_socket_create net/socket.c:1659 [inline]\n __sys_socket+0x14c/0x260 net/socket.c:1706\n __do_sys_socket net/socket.c:1720 [inline]\n __se_sys_socket net/socket.c:1718 [inline]\n __x64_sys_socket+0x72/0xb0 net/socket.c:1718\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd3/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 0:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3f/0x60 mm/kasan/generic.c:640\n poison_slab_object mm/kasan/common.c:241 [inline]\n __kasan_slab_free+0x121/0x1b0 mm/kasan/common.c:257\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2121 [inlin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26625",
"url": "https://www.suse.com/security/cve/CVE-2024-26625"
},
{
"category": "external",
"summary": "SUSE Bug 1221086 for CVE-2024-26625",
"url": "https://bugzilla.suse.com/1221086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26625"
},
{
"cve": "CVE-2024-26739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don\u0027t override retval if we already lost the skb\n\nIf we\u0027re redirecting the skb, and haven\u0027t called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26739",
"url": "https://www.suse.com/security/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "SUSE Bug 1222559 for CVE-2024-26739",
"url": "https://bugzilla.suse.com/1222559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: pass correct message length to ip6_append_data\n\nl2tp_ip6_sendmsg needs to avoid accounting for the transport header\ntwice when splicing more data into an already partially-occupied skbuff.\n\nTo manage this, we check whether the skbuff contains data using\nskb_queue_empty when deciding how much data to append using\nip6_append_data.\n\nHowever, the code which performed the calculation was incorrect:\n\n ulen = len + skb_queue_empty(\u0026sk-\u003esk_write_queue) ? transhdrlen : 0;\n\n...due to C operator precedence, this ends up setting ulen to\ntranshdrlen for messages with a non-zero length, which results in\ncorrupted packets on the wire.\n\nAdd parentheses to correct the calculation in line with the original\nintent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26752",
"url": "https://www.suse.com/security/cve/CVE-2024-26752"
},
{
"category": "external",
"summary": "SUSE Bug 1222667 for CVE-2024-26752",
"url": "https://bugzilla.suse.com/1222667"
},
{
"category": "external",
"summary": "SUSE Bug 1223292 for CVE-2024-26752",
"url": "https://bugzilla.suse.com/1223292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2024-26752"
},
{
"cve": "CVE-2024-26775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: avoid potential deadlock at set_capacity\n\nMove set_capacity() outside of the section procected by (\u0026d-\u003elock).\nTo avoid possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n[1] lock(\u0026bdev-\u003ebd_size_lock);\n local_irq_disable();\n [2] lock(\u0026d-\u003elock);\n [3] lock(\u0026bdev-\u003ebd_size_lock);\n \u003cInterrupt\u003e\n[4] lock(\u0026d-\u003elock);\n\n *** DEADLOCK ***\n\nWhere [1](\u0026bdev-\u003ebd_size_lock) hold by zram_add()-\u003eset_capacity().\n[2]lock(\u0026d-\u003elock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc()\nis trying to acquire [3](\u0026bdev-\u003ebd_size_lock) at set_capacity() call.\nIn this situation an attempt to acquire [4]lock(\u0026d-\u003elock) from\naoecmd_cfg_rsp() will lead to deadlock.\n\nSo the simplest solution is breaking lock dependency\n[2](\u0026d-\u003elock) -\u003e [3](\u0026bdev-\u003ebd_size_lock) by moving set_capacity()\noutside.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26775",
"url": "https://www.suse.com/security/cve/CVE-2024-26775"
},
{
"category": "external",
"summary": "SUSE Bug 1222627 for CVE-2024-26775",
"url": "https://bugzilla.suse.com/1222627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26775"
},
{
"cve": "CVE-2024-26791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: dev-replace: properly validate device names\n\nThere\u0027s a syzbot report that device name buffers passed to device\nreplace are not properly checked for string termination which could lead\nto a read out of bounds in getname_kernel().\n\nAdd a helper that validates both source and target device name buffers.\nFor devid as the source initialize the buffer to empty string in case\nsomething tries to read it later.\n\nThis was originally analyzed and fixed in a different way by Edward Adam\nDavis (see links).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26791",
"url": "https://www.suse.com/security/cve/CVE-2024-26791"
},
{
"category": "external",
"summary": "SUSE Bug 1222793 for CVE-2024-26791",
"url": "https://bugzilla.suse.com/1222793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-fc: do not wait in vain when unloading module\n\nThe module exit path has race between deleting all controllers and\nfreeing \u0027left over IDs\u0027. To prevent double free a synchronization\nbetween nvme_delete_ctrl and ida_destroy has been added by the initial\ncommit.\n\nThere is some logic around trying to prevent from hanging forever in\nwait_for_completion, though it does not handling all cases. E.g.\nblktests is able to reproduce the situation where the module unload\nhangs forever.\n\nIf we completely rely on the cleanup code executed from the\nnvme_delete_ctrl path, all IDs will be freed eventually. This makes\ncalling ida_destroy unnecessary. We only have to ensure that all\nnvme_delete_ctrl code has been executed before we leave\nnvme_fc_exit_module. This is done by flushing the nvme_delete_wq\nworkqueue.\n\nWhile at it, remove the unused nvme_fc_wq workqueue too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26846",
"url": "https://www.suse.com/security/cve/CVE-2024-26846"
},
{
"category": "external",
"summary": "SUSE Bug 1223023 for CVE-2024-26846",
"url": "https://bugzilla.suse.com/1223023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26846"
},
{
"cve": "CVE-2024-26874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip\n\nIt\u0027s possible that mtk_crtc-\u003eevent is NULL in\nmtk_drm_crtc_finish_page_flip().\n\npending_needs_vblank value is set by mtk_crtc-\u003eevent, but in\nmtk_drm_crtc_atomic_flush(), it\u0027s is not guarded by the same\nlock in mtk_drm_finish_page_flip(), thus a race condition happens.\n\nConsider the following case:\n\nCPU1 CPU2\nstep 1:\nmtk_drm_crtc_atomic_begin()\nmtk_crtc-\u003eevent is not null,\n step 1:\n mtk_drm_crtc_atomic_flush:\n mtk_drm_crtc_update_config(\n !!mtk_crtc-\u003eevent)\nstep 2:\nmtk_crtc_ddp_irq -\u003e\nmtk_drm_finish_page_flip:\nlock\nmtk_crtc-\u003eevent set to null,\npending_needs_vblank set to false\nunlock\n pending_needs_vblank set to true,\n\n step 2:\n mtk_crtc_ddp_irq -\u003e\n mtk_drm_finish_page_flip called again,\n pending_needs_vblank is still true\n //null pointer\n\nInstead of guarding the entire mtk_drm_crtc_atomic_flush(), it\u0027s more\nefficient to just check if mtk_crtc-\u003eevent is null before use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26874",
"url": "https://www.suse.com/security/cve/CVE-2024-26874"
},
{
"category": "external",
"summary": "SUSE Bug 1223048 for CVE-2024-26874",
"url": "https://bugzilla.suse.com/1223048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26874"
},
{
"cve": "CVE-2024-26876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: adv7511: fix crash on irq during probe\n\nMoved IRQ registration down to end of adv7511_probe().\n\nIf an IRQ already is pending during adv7511_probe\n(before adv7511_cec_init) then cec_received_msg_ts\ncould crash using uninitialized data:\n\n Unable to handle kernel read from unreadable memory at virtual address 00000000000003d5\n Internal error: Oops: 96000004 [#1] PREEMPT_RT SMP\n Call trace:\n cec_received_msg_ts+0x48/0x990 [cec]\n adv7511_cec_irq_process+0x1cc/0x308 [adv7511]\n adv7511_irq_process+0xd8/0x120 [adv7511]\n adv7511_irq_handler+0x1c/0x30 [adv7511]\n irq_thread_fn+0x30/0xa0\n irq_thread+0x14c/0x238\n kthread+0x190/0x1a8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26876",
"url": "https://www.suse.com/security/cve/CVE-2024-26876"
},
{
"category": "external",
"summary": "SUSE Bug 1223119 for CVE-2024-26876",
"url": "https://bugzilla.suse.com/1223119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26876"
},
{
"cve": "CVE-2024-26900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev-\u003eserial\n\nIf kobject_add() is fail in bind_rdev_to_array(), \u0027rdev-\u003eserial\u0027 will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [\u003c0000000058b0a453\u003e] kmemleak_alloc+0x61/0xe0\n [\u003c00000000366adf14\u003e] __kmalloc_large_node+0x15e/0x270\n [\u003c000000002e82961b\u003e] __kmalloc_node.cold+0x11/0x7f\n [\u003c00000000f206d60a\u003e] kvmalloc_node+0x74/0x150\n [\u003c0000000034bf3363\u003e] rdev_init_serial+0x67/0x170\n [\u003c0000000010e08fe9\u003e] mddev_create_serial_pool+0x62/0x220\n [\u003c00000000c3837bf0\u003e] bind_rdev_to_array+0x2af/0x630\n [\u003c0000000073c28560\u003e] md_add_new_disk+0x400/0x9f0\n [\u003c00000000770e30ff\u003e] md_ioctl+0x15bf/0x1c10\n [\u003c000000006cfab718\u003e] blkdev_ioctl+0x191/0x3f0\n [\u003c0000000085086a11\u003e] vfs_ioctl+0x22/0x60\n [\u003c0000000018b656fe\u003e] __x64_sys_ioctl+0xba/0xe0\n [\u003c00000000e54e675e\u003e] do_syscall_64+0x71/0x150\n [\u003c000000008b0ad622\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26900",
"url": "https://www.suse.com/security/cve/CVE-2024-26900"
},
{
"category": "external",
"summary": "SUSE Bug 1223046 for CVE-2024-26900",
"url": "https://bugzilla.suse.com/1223046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26900"
},
{
"cve": "CVE-2024-26915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Reset IH OVERFLOW_CLEAR bit\n\nAllows us to detect subsequent IH ring buffer overflows as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26915",
"url": "https://www.suse.com/security/cve/CVE-2024-26915"
},
{
"category": "external",
"summary": "SUSE Bug 1223207 for CVE-2024-26915",
"url": "https://bugzilla.suse.com/1223207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26915"
},
{
"cve": "CVE-2024-26920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/trigger: Fix to return error if failed to alloc snapshot\n\nFix register_snapshot_trigger() to return error code if it failed to\nallocate a snapshot instead of 0 (success). Unless that, it will register\nsnapshot trigger without an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26920",
"url": "https://www.suse.com/security/cve/CVE-2024-26920"
},
{
"category": "external",
"summary": "SUSE Bug 1228237 for CVE-2024-26920",
"url": "https://bugzilla.suse.com/1228237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26920"
},
{
"cve": "CVE-2024-26921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb-\u003esk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb-\u003esk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead-\u003esk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff-\u003esk member, we must move the\noffset into the FRAG_CB, else skb-\u003esk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won\u0027t continue past reasm engine.\n\nIn the latter case, we will steal the skb-\u003esk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26921",
"url": "https://www.suse.com/security/cve/CVE-2024-26921"
},
{
"category": "external",
"summary": "SUSE Bug 1223138 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "external",
"summary": "SUSE Bug 1223139 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26921"
},
{
"cve": "CVE-2024-26929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26929"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26929",
"url": "https://www.suse.com/security/cve/CVE-2024-26929"
},
{
"category": "external",
"summary": "SUSE Bug 1223715 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "external",
"summary": "SUSE Bug 1223716 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix command flush on cable pull\n\nSystem crash due to command failed to flush back to SCSI layer.\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 \u003c49\u003e 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200.\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0\n ? __switch_to+0x10c/0x450\n ? process_one_work+0x1a7/0x360\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201.\n ? worker_thread+0x1ce/0x390\n ? create_worker+0x1a0/0x1a0\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70\n ? kthread+0x10a/0x120\n qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8\n ? set_kthread_struct+0x40/0x40\n qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed.\n ? ret_from_fork+0x1f/0x40\n qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout\n\nThe system was under memory stress where driver was not able to allocate an\nSRB to carry out error recovery of cable pull. The failure to flush causes\nupper layer to start modifying scsi_cmnd. When the system frees up some\nmemory, the subsequent cable pull trigger another command flush. At this\npoint the driver access a null pointer when attempting to DMA unmap the\nSGL.\n\nAdd a check to make sure commands are flush back on session tear down to\nprevent the null pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26931",
"url": "https://www.suse.com/security/cve/CVE-2024-26931"
},
{
"category": "external",
"summary": "SUSE Bug 1223627 for CVE-2024-26931",
"url": "https://bugzilla.suse.com/1223627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface\u0027s parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can\u0027t complete\nuntil the device lock has been released, and the lock won\u0027t be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \u003csamsun1006219@gmail.com\u003e\nReported by: xingwei lee \u003cxrivendell7@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26934",
"url": "https://www.suse.com/security/cve/CVE-2024-26934"
},
{
"category": "external",
"summary": "SUSE Bug 1223671 for CVE-2024-26934",
"url": "https://bugzilla.suse.com/1223671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/zcrypt: fix reference counting on zcrypt card objects\n\nTests with hot-plugging crytpo cards on KVM guests with debug\nkernel build revealed an use after free for the load field of\nthe struct zcrypt_card. The reason was an incorrect reference\nhandling of the zcrypt card object which could lead to a free\nof the zcrypt card object while it was still in use.\n\nThis is an example of the slab message:\n\n kernel: 0x00000000885a7512-0x00000000885a7513 @offset=1298. First byte 0x68 instead of 0x6b\n kernel: Allocated in zcrypt_card_alloc+0x36/0x70 [zcrypt] age=18046 cpu=3 pid=43\n kernel: kmalloc_trace+0x3f2/0x470\n kernel: zcrypt_card_alloc+0x36/0x70 [zcrypt]\n kernel: zcrypt_cex4_card_probe+0x26/0x380 [zcrypt_cex4]\n kernel: ap_device_probe+0x15c/0x290\n kernel: really_probe+0xd2/0x468\n kernel: driver_probe_device+0x40/0xf0\n kernel: __device_attach_driver+0xc0/0x140\n kernel: bus_for_each_drv+0x8c/0xd0\n kernel: __device_attach+0x114/0x198\n kernel: bus_probe_device+0xb4/0xc8\n kernel: device_add+0x4d2/0x6e0\n kernel: ap_scan_adapter+0x3d0/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: Freed in zcrypt_card_put+0x54/0x80 [zcrypt] age=9024 cpu=3 pid=43\n kernel: kfree+0x37e/0x418\n kernel: zcrypt_card_put+0x54/0x80 [zcrypt]\n kernel: ap_device_remove+0x4c/0xe0\n kernel: device_release_driver_internal+0x1c4/0x270\n kernel: bus_remove_device+0x100/0x188\n kernel: device_del+0x164/0x3c0\n kernel: device_unregister+0x30/0x90\n kernel: ap_scan_adapter+0xc8/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: kthread+0x150/0x168\n kernel: __ret_from_fork+0x3c/0x58\n kernel: ret_from_fork+0xa/0x30\n kernel: Slab 0x00000372022169c0 objects=20 used=18 fp=0x00000000885a7c88 flags=0x3ffff00000000a00(workingset|slab|node=0|zone=1|lastcpupid=0x1ffff)\n kernel: Object 0x00000000885a74b8 @offset=1208 fp=0x00000000885a7c88\n kernel: Redzone 00000000885a74b0: bb bb bb bb bb bb bb bb ........\n kernel: Object 00000000885a74b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74f8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a7508: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 68 4b 6b 6b 6b a5 kkkkkkkkkkhKkkk.\n kernel: Redzone 00000000885a7518: bb bb bb bb bb bb bb bb ........\n kernel: Padding 00000000885a756c: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ\n kernel: CPU: 0 PID: 387 Comm: systemd-udevd Not tainted 6.8.0-HF #2\n kernel: Hardware name: IBM 3931 A01 704 (KVM/Linux)\n kernel: Call Trace:\n kernel: [\u003c00000000ca5ab5b8\u003e] dump_stack_lvl+0x90/0x120\n kernel: [\u003c00000000c99d78bc\u003e] check_bytes_and_report+0x114/0x140\n kernel: [\u003c00000000c99d53cc\u003e] check_object+0x334/0x3f8\n kernel: [\u003c00000000c99d820c\u003e] alloc_debug_processing+0xc4/0x1f8\n kernel: [\u003c00000000c99d852e\u003e] get_partial_node.part.0+0x1ee/0x3e0\n kernel: [\u003c00000000c99d94ec\u003e] ___slab_alloc+0xaf4/0x13c8\n kernel: [\u003c00000000c99d9e38\u003e] __slab_alloc.constprop.0+0x78/0xb8\n kernel: [\u003c00000000c99dc8dc\u003e] __kmalloc+0x434/0x590\n kernel: [\u003c00000000c9b4c0ce\u003e] ext4_htree_store_dirent+0x4e/0x1c0\n kernel: [\u003c00000000c9b908a2\u003e] htree_dirblock_to_tree+0x17a/0x3f0\n kernel: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26957",
"url": "https://www.suse.com/security/cve/CVE-2024-26957"
},
{
"category": "external",
"summary": "SUSE Bug 1223666 for CVE-2024-26957",
"url": "https://bugzilla.suse.com/1223666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26957"
},
{
"cve": "CVE-2024-26958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix UAF in direct writes\n\nIn production we have been hitting the following warning consistently\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28 refcount_warn_saturate+0x9c/0xe0\nWorkqueue: nfsiod nfs_direct_write_schedule_work [nfs]\nRIP: 0010:refcount_warn_saturate+0x9c/0xe0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x9f/0x130\n ? refcount_warn_saturate+0x9c/0xe0\n ? report_bug+0xcc/0x150\n ? handle_bug+0x3d/0x70\n ? exc_invalid_op+0x16/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? refcount_warn_saturate+0x9c/0xe0\n nfs_direct_write_schedule_work+0x237/0x250 [nfs]\n process_one_work+0x12f/0x4a0\n worker_thread+0x14e/0x3b0\n ? ZSTD_getCParams_internal+0x220/0x220\n kthread+0xdc/0x120\n ? __btf_name_valid+0xa0/0xa0\n ret_from_fork+0x1f/0x30\n\nThis is because we\u0027re completing the nfs_direct_request twice in a row.\n\nThe source of this is when we have our commit requests to submit, we\nprocess them and send them off, and then in the completion path for the\ncommit requests we have\n\nif (nfs_commit_end(cinfo.mds))\n\tnfs_direct_write_complete(dreq);\n\nHowever since we\u0027re submitting asynchronous requests we sometimes have\none that completes before we submit the next one, so we end up calling\ncomplete on the nfs_direct_request twice.\n\nThe only other place we use nfs_generic_commit_list() is in\n__nfs_commit_inode, which wraps this call in a\n\nnfs_commit_begin();\nnfs_commit_end();\n\nWhich is a common pattern for this style of completion handling, one\nthat is also repeated in the direct code with get_dreq()/put_dreq()\ncalls around where we process events as well as in the completion paths.\n\nFix this by using the same pattern for the commit requests.\n\nBefore with my 200 node rocksdb stress running this warning would pop\nevery 10ish minutes. With my patch the stress test has been running for\nseveral hours without popping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26958",
"url": "https://www.suse.com/security/cve/CVE-2024-26958"
},
{
"category": "external",
"summary": "SUSE Bug 1223653 for CVE-2024-26958",
"url": "https://bugzilla.suse.com/1223653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: fix instmem race condition around ptr stores\n\nRunning a lot of VK CTS in parallel against nouveau, once every\nfew hours you might see something like this crash.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 8000000114e6e067 P4D 8000000114e6e067 PUD 109046067 PMD 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 7 PID: 53891 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\nHardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\nRIP: 0010:gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\nCode: c7 48 01 c8 49 89 45 58 85 d2 0f 84 95 00 00 00 41 0f b7 46 12 49 8b 7e 08 89 da 42 8d 2c f8 48 8b 47 08 41 83 c7 01 48 89 ee \u003c48\u003e 8b 40 08 ff d0 0f 1f 00 49 8b 7e 08 48 89 d9 48 8d 75 04 48 c1\nRSP: 0000:ffffac20c5857838 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000004d8001 RCX: 0000000000000001\nRDX: 00000000004d8001 RSI: 00000000000006d8 RDI: ffffa07afe332180\nRBP: 00000000000006d8 R08: ffffac20c5857ad0 R09: 0000000000ffff10\nR10: 0000000000000001 R11: ffffa07af27e2de0 R12: 000000000000001c\nR13: ffffac20c5857ad0 R14: ffffa07a96fe9040 R15: 000000000000001c\nFS: 00007fe395eed7c0(0000) GS:ffffa07e2c980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000011febe001 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n...\n\n ? gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\n ? gp100_vmm_pgt_mem+0x37/0x180 [nouveau]\n nvkm_vmm_iter+0x351/0xa20 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __lock_acquire+0x3ed/0x2170\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_ptes_get_map+0xc2/0x100 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_map_locked+0x224/0x3a0 [nouveau]\n\nAdding any sort of useful debug usually makes it go away, so I hand\nwrote the function in a line, and debugged the asm.\n\nEvery so often pt-\u003ememory-\u003eptrs is NULL. This ptrs ptr is set in\nthe nv50_instobj_acquire called from nvkm_kmap.\n\nIf Thread A and Thread B both get to nv50_instobj_acquire around\nthe same time, and Thread A hits the refcount_set line, and in\nlockstep thread B succeeds at refcount_inc_not_zero, there is a\nchance the ptrs value won\u0027t have been stored since refcount_set\nis unordered. Force a memory barrier here, I picked smp_mb, since\nwe want it on all CPUs and it\u0027s write followed by a read.\n\nv2: use paired smp_rmb/smp_wmb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26984",
"url": "https://www.suse.com/security/cve/CVE-2024-26984"
},
{
"category": "external",
"summary": "SUSE Bug 1223633 for CVE-2024-26984",
"url": "https://bugzilla.suse.com/1223633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26984"
},
{
"cve": "CVE-2024-26996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error\n\nWhen ncm function is working and then stop usb0 interface for link down,\neth_stop() is called. At this piont, accidentally if usb transport error\nshould happen in usb_ep_enable(), \u0027in_ep\u0027 and/or \u0027out_ep\u0027 may not be enabled.\n\nAfter that, ncm_disable() is called to disable for ncm unbind\nbut gether_disconnect() is never called since \u0027in_ep\u0027 is not enabled.\n\nAs the result, ncm object is released in ncm unbind\nbut \u0027dev-\u003eport_usb\u0027 associated to \u0027ncm-\u003eport\u0027 is not NULL.\n\nAnd when ncm bind again to recover netdev, ncm object is reallocated\nbut usb0 interface is already associated to previous released ncm object.\n\nTherefore, once usb0 interface is up and eth_start_xmit() is called,\nreleased ncm object is dereferrenced and it might cause use-after-free memory.\n\n[function unlink via configfs]\n usb0: eth_stop dev-\u003eport_usb=ffffff9b179c3200\n --\u003e error happens in usb_ep_enable().\n NCM: ncm_disable: ncm=ffffff9b179c3200\n --\u003e no gether_disconnect() since ncm-\u003eport.in_ep-\u003eenabled is false.\n NCM: ncm_unbind: ncm unbind ncm=ffffff9b179c3200\n NCM: ncm_free: ncm free ncm=ffffff9b179c3200 \u003c-- released ncm\n\n[function link via configfs]\n NCM: ncm_alloc: ncm alloc ncm=ffffff9ac4f8a000\n NCM: ncm_bind: ncm bind ncm=ffffff9ac4f8a000\n NCM: ncm_set_alt: ncm=ffffff9ac4f8a000 alt=0\n usb0: eth_open dev-\u003eport_usb=ffffff9b179c3200 \u003c-- previous released ncm\n usb0: eth_start dev-\u003eport_usb=ffffff9b179c3200 \u003c--\n eth_start_xmit()\n --\u003e dev-\u003ewrap()\n Unable to handle kernel paging request at virtual address dead00000000014f\n\nThis patch addresses the issue by checking if \u0027ncm-\u003enetdev\u0027 is not NULL at\nncm_disable() to call gether_disconnect() to deassociate \u0027dev-\u003eport_usb\u0027.\nIt\u0027s more reasonable to check \u0027ncm-\u003enetdev\u0027 to call gether_connect/disconnect\nrather than check \u0027ncm-\u003eport.in_ep-\u003eenabled\u0027 since it might not be enabled\nbut the gether connection might be established.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26996",
"url": "https://www.suse.com/security/cve/CVE-2024-26996"
},
{
"category": "external",
"summary": "SUSE Bug 1223752 for CVE-2024-26996",
"url": "https://bugzilla.suse.com/1223752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-26996"
},
{
"cve": "CVE-2024-27008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: nv04: Fix out of bounds access\n\nWhen Output Resource (dcb-\u003eor) value is assigned in\nfabricate_dcb_output(), there may be out of bounds access to\ndac_users array in case dcb-\u003eor is zero because ffs(dcb-\u003eor) is\nused as index there.\nThe \u0027or\u0027 argument of fabricate_dcb_output() must be interpreted as a\nnumber of bit to set, not value.\n\nUtilize macros from \u0027enum nouveau_or\u0027 in calls instead of hardcoding.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27008",
"url": "https://www.suse.com/security/cve/CVE-2024-27008"
},
{
"category": "external",
"summary": "SUSE Bug 1223802 for CVE-2024-27008",
"url": "https://bugzilla.suse.com/1223802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-27008"
},
{
"cve": "CVE-2024-27054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27054",
"url": "https://www.suse.com/security/cve/CVE-2024-27054"
},
{
"category": "external",
"summary": "SUSE Bug 1223819 for CVE-2024-27054",
"url": "https://bugzilla.suse.com/1223819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27059",
"url": "https://www.suse.com/security/cve/CVE-2024-27059"
},
{
"category": "external",
"summary": "SUSE Bug 1223738 for CVE-2024-27059",
"url": "https://bugzilla.suse.com/1223738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: lock the client object tree.\n\nIt appears the client object tree has no locking unless I\u0027ve missed\nsomething else. Fix races around adding/removing client objects,\nmostly vram bar mappings.\n\n 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI\n[ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\n[ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\n[ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 \u003c48\u003e 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe\n[ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206\n[ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58\n[ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400\n[ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000\n[ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0\n[ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007\n[ 4562.099528] FS: 00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000\n[ 4562.099534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0\n[ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4562.099544] Call Trace:\n[ 4562.099555] \u003cTASK\u003e\n[ 4562.099573] ? die_addr+0x36/0x90\n[ 4562.099583] ? exc_general_protection+0x246/0x4a0\n[ 4562.099593] ? asm_exc_general_protection+0x26/0x30\n[ 4562.099600] ? nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099730] nvkm_ioctl+0xa1/0x250 [nouveau]\n[ 4562.099861] nvif_object_map_handle+0xc8/0x180 [nouveau]\n[ 4562.099986] nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau]\n[ 4562.100156] ? dma_resv_test_signaled+0x26/0xb0\n[ 4562.100163] ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm]\n[ 4562.100182] ? __mutex_unlock_slowpath+0x2a/0x270\n[ 4562.100189] nouveau_ttm_fault+0x69/0xb0 [nouveau]\n[ 4562.100356] __do_fault+0x32/0x150\n[ 4562.100362] do_fault+0x7c/0x560\n[ 4562.100369] __handle_mm_fault+0x800/0xc10\n[ 4562.100382] handle_mm_fault+0x17c/0x3e0\n[ 4562.100388] do_user_addr_fault+0x208/0x860\n[ 4562.100395] exc_page_fault+0x7f/0x200\n[ 4562.100402] asm_exc_page_fault+0x26/0x30\n[ 4562.100412] RIP: 0033:0x9b9870\n[ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 \u003c44\u003e 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7\n[ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246\n[ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000\n[ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066\n[ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000\n[ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff\n[ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 4562.100446] \u003c/TASK\u003e\n[ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27062",
"url": "https://www.suse.com/security/cve/CVE-2024-27062"
},
{
"category": "external",
"summary": "SUSE Bug 1223834 for CVE-2024-27062",
"url": "https://bugzilla.suse.com/1223834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27388",
"url": "https://www.suse.com/security/cve/CVE-2024-27388"
},
{
"category": "external",
"summary": "SUSE Bug 1223744 for CVE-2024-27388",
"url": "https://bugzilla.suse.com/1223744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-27388"
},
{
"cve": "CVE-2024-27396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gtp: Fix Use-After-Free in gtp_dellink\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof gtp_dellink, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27396",
"url": "https://www.suse.com/security/cve/CVE-2024-27396"
},
{
"category": "external",
"summary": "SUSE Bug 1224096 for CVE-2024-27396",
"url": "https://bugzilla.suse.com/1224096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-27401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27401",
"url": "https://www.suse.com/security/cve/CVE-2024-27401"
},
{
"category": "external",
"summary": "SUSE Bug 1224181 for CVE-2024-27401",
"url": "https://bugzilla.suse.com/1224181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-27401"
},
{
"cve": "CVE-2024-27419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Fix data-races around sysctl_net_busy_read\n\nWe need to protect the reader reading the sysctl value because the\nvalue can be changed concurrently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27419",
"url": "https://www.suse.com/security/cve/CVE-2024-27419"
},
{
"category": "external",
"summary": "SUSE Bug 1224759 for CVE-2024-27419",
"url": "https://bugzilla.suse.com/1224759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "low"
}
],
"title": "CVE-2024-27419"
},
{
"cve": "CVE-2024-27436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Stop parsing channels bits when all channels are found.\n\nIf a usb audio device sets more bits than the amount of channels\nit could write outside of the map array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27436",
"url": "https://www.suse.com/security/cve/CVE-2024-27436"
},
{
"category": "external",
"summary": "SUSE Bug 1224803 for CVE-2024-27436",
"url": "https://bugzilla.suse.com/1224803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-35789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\n\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\nfast_rx entry still holds a pointer to the VLAN\u0027s netdev, which can cause\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\nafter the VLAN change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35789",
"url": "https://www.suse.com/security/cve/CVE-2024-35789"
},
{
"category": "external",
"summary": "SUSE Bug 1224749 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "external",
"summary": "SUSE Bug 1227320 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1227320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "important"
}
],
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region()\n\nDo the cache flush of converted pages in svm_register_enc_region() before\ndropping kvm-\u003elock to fix use-after-free issues where region and/or its\narray of pages could be freed by a different task, e.g. if userspace has\n__unregister_enc_region_locked() already queued up for the region.\n\nNote, the \"obvious\" alternative of using local variables doesn\u0027t fully\nresolve the bug, as region-\u003epages is also dynamically allocated. I.e. the\nregion structure itself would be fine, but region-\u003epages could be freed.\n\nFlushing multiple pages under kvm-\u003elock is unfortunate, but the entire\nflow is a rare slow path, and the manual flush is only needed on CPUs that\nlack coherency for encrypted memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35791",
"url": "https://www.suse.com/security/cve/CVE-2024-35791"
},
{
"category": "external",
"summary": "SUSE Bug 1224725 for CVE-2024-35791",
"url": "https://bugzilla.suse.com/1224725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35791"
},
{
"cve": "CVE-2024-35809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/PM: Drain runtime-idle callbacks before driver removal\n\nA race condition between the .runtime_idle() callback and the .remove()\ncallback in the rtsx_pcr PCI driver leads to a kernel crash due to an\nunhandled page fault [1].\n\nThe problem is that rtsx_pci_runtime_idle() is not expected to be running\nafter pm_runtime_get_sync() has been called, but the latter doesn\u0027t really\nguarantee that. It only guarantees that the suspend and resume callbacks\nwill not be running when it returns.\n\nHowever, if a .runtime_idle() callback is already running when\npm_runtime_get_sync() is called, the latter will notice that the runtime PM\nstatus of the device is RPM_ACTIVE and it will return right away without\nwaiting for the former to complete. In fact, it cannot wait for\n.runtime_idle() to complete because it may be called from that callback (it\narguably does not make much sense to do that, but it is not strictly\nprohibited).\n\nThus in general, whoever is providing a .runtime_idle() callback needs\nto protect it from running in parallel with whatever code runs after\npm_runtime_get_sync(). [Note that .runtime_idle() will not start after\npm_runtime_get_sync() has returned, but it may continue running then if it\nhas started earlier.]\n\nOne way to address that race condition is to call pm_runtime_barrier()\nafter pm_runtime_get_sync() (not before it, because a nonzero value of the\nruntime PM usage counter is necessary to prevent runtime PM callbacks from\nbeing invoked) to wait for the .runtime_idle() callback to complete should\nit be running at that point. A suitable place for doing that is in\npci_device_remove() which calls pm_runtime_get_sync() before removing the\ndriver, so it may as well call pm_runtime_barrier() subsequently, which\nwill prevent the race in question from occurring, not just in the rtsx_pcr\ndriver, but in any PCI drivers providing .runtime_idle() callbacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35809",
"url": "https://www.suse.com/security/cve/CVE-2024-35809"
},
{
"category": "external",
"summary": "SUSE Bug 1224738 for CVE-2024-35809",
"url": "https://bugzilla.suse.com/1224738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35809"
},
{
"cve": "CVE-2024-35811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach\n\nThis is the candidate patch of CVE-2023-47233 :\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-47233\n\nIn brcm80211 driver,it starts with the following invoking chain\nto start init a timeout worker:\n\n-\u003ebrcmf_usb_probe\n -\u003ebrcmf_usb_probe_cb\n -\u003ebrcmf_attach\n -\u003ebrcmf_bus_started\n -\u003ebrcmf_cfg80211_attach\n -\u003ewl_init_priv\n -\u003ebrcmf_init_escan\n -\u003eINIT_WORK(\u0026cfg-\u003eescan_timeout_work,\n\t\t brcmf_cfg80211_escan_timeout_worker);\n\nIf we disconnect the USB by hotplug, it will call\nbrcmf_usb_disconnect to make cleanup. The invoking chain is :\n\nbrcmf_usb_disconnect\n -\u003ebrcmf_usb_disconnect_cb\n -\u003ebrcmf_detach\n -\u003ebrcmf_cfg80211_detach\n -\u003ekfree(cfg);\n\nWhile the timeout woker may still be running. This will cause\na use-after-free bug on cfg in brcmf_cfg80211_escan_timeout_worker.\n\nFix it by deleting the timer and canceling the worker in\nbrcmf_cfg80211_detach.\n\n[arend.vanspriel@broadcom.com: keep timer delete as is and cancel work just before free]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35811",
"url": "https://www.suse.com/security/cve/CVE-2024-35811"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2024-35811",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tc358743: register v4l2 async device only after successful setup\n\nEnsure the device has been setup correctly before registering the v4l2\nasync device, thus allowing userspace to access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35830",
"url": "https://www.suse.com/security/cve/CVE-2024-35830"
},
{
"category": "external",
"summary": "SUSE Bug 1224680 for CVE-2024-35830",
"url": "https://bugzilla.suse.com/1224680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35830"
},
{
"cve": "CVE-2024-35849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix information leak in btrfs_ioctl_logical_to_ino()\n\nSyzbot reported the following information leak for in\nbtrfs_ioctl_logical_to_ino():\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n btrfs_ioctl_logical_to_ino+0x440/0x750 fs/btrfs/ioctl.c:3499\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Uninit was created at:\n __kmalloc_large_node+0x231/0x370 mm/slub.c:3921\n __do_kmalloc_node mm/slub.c:3954 [inline]\n __kmalloc_node+0xb07/0x1060 mm/slub.c:3973\n kmalloc_node include/linux/slab.h:648 [inline]\n kvmalloc_node+0xc0/0x2d0 mm/util.c:634\n kvmalloc include/linux/slab.h:766 [inline]\n init_data_container+0x49/0x1e0 fs/btrfs/backref.c:2779\n btrfs_ioctl_logical_to_ino+0x17c/0x750 fs/btrfs/ioctl.c:3480\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Bytes 40-65535 of 65536 are uninitialized\n Memory access of size 65536 starts at ffff888045a40000\n\nThis happens, because we\u0027re copying a \u0027struct btrfs_data_container\u0027 back\nto user-space. This btrfs_data_container is allocated in\n\u0027init_data_container()\u0027 via kvmalloc(), which does not zero-fill the\nmemory.\n\nFix this by using kvzalloc() which zeroes out the memory on allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35849",
"url": "https://www.suse.com/security/cve/CVE-2024-35849"
},
{
"category": "external",
"summary": "SUSE Bug 1224733 for CVE-2024-35849",
"url": "https://bugzilla.suse.com/1224733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: fix VM_PAT handling in COW mappings\n\nPAT handling won\u0027t do the right thing in COW mappings: the first PTE (or,\nin fact, all PTEs) can be replaced during write faults to point at anon\nfolios. Reliably recovering the correct PFN and cachemode using\nfollow_phys() from PTEs will not work in COW mappings.\n\nUsing follow_phys(), we might just get the address+protection of the anon\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\ntrack_pfn_copy(), not properly calling free_pfn_range().\n\nIn free_pfn_range(), we either wouldn\u0027t call memtype_free() or would call\nit with the wrong range, possibly leaking memory.\n\nTo fix that, let\u0027s update follow_phys() to refuse returning anon folios,\nand fallback to using the stored PFN inside vma-\u003evm_pgoff for COW mappings\nif we run into that.\n\nWe will now properly handle untrack_pfn() with COW mappings, where we\ndon\u0027t need the cachemode. We\u0027ll have to fail fork()-\u003etrack_pfn_copy() if\nthe first page was replaced by an anon folio, though: we\u0027d have to store\nthe cachemode in the VMA to make this work, likely growing the VMA size.\n\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\ncase: it would have failed in the past with swap/nonswap entries already,\nand it would have done the wrong thing with anon folios.\n\nSimple reproducer to trigger the WARN_ON_ONCE() in untrack_pfn():\n\n\u003c--- C reproducer ---\u003e\n #include \u003cstdio.h\u003e\n #include \u003csys/mman.h\u003e\n #include \u003cunistd.h\u003e\n #include \u003cliburing.h\u003e\n\n int main(void)\n {\n struct io_uring_params p = {};\n int ring_fd;\n size_t size;\n char *map;\n\n ring_fd = io_uring_setup(1, \u0026p);\n if (ring_fd \u003c 0) {\n perror(\"io_uring_setup\");\n return 1;\n }\n size = p.sq_off.array + p.sq_entries * sizeof(unsigned);\n\n /* Map the submission queue ring MAP_PRIVATE */\n map = mmap(0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE,\n ring_fd, IORING_OFF_SQ_RING);\n if (map == MAP_FAILED) {\n perror(\"mmap\");\n return 1;\n }\n\n /* We have at least one page. Let\u0027s COW it. */\n *map = 0;\n pause();\n return 0;\n }\n\u003c--- C reproducer ---\u003e\n\nOn a system with 16 GiB RAM and swap configured:\n # ./iouring \u0026\n # memhog 16G\n # killall iouring\n[ 301.552930] ------------[ cut here ]------------\n[ 301.553285] WARNING: CPU: 7 PID: 1402 at arch/x86/mm/pat/memtype.c:1060 untrack_pfn+0xf4/0x100\n[ 301.553989] Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_g\n[ 301.558232] CPU: 7 PID: 1402 Comm: iouring Not tainted 6.7.5-100.fc38.x86_64 #1\n[ 301.558772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebu4\n[ 301.559569] RIP: 0010:untrack_pfn+0xf4/0x100\n[ 301.559893] Code: 75 c4 eb cf 48 8b 43 10 8b a8 e8 00 00 00 3b 6b 28 74 b8 48 8b 7b 30 e8 ea 1a f7 000\n[ 301.561189] RSP: 0018:ffffba2c0377fab8 EFLAGS: 00010282\n[ 301.561590] RAX: 00000000ffffffea RBX: ffff9208c8ce9cc0 RCX: 000000010455e047\n[ 301.562105] RDX: 07fffffff0eb1e0a RSI: 0000000000000000 RDI: ffff9208c391d200\n[ 301.562628] RBP: 0000000000000000 R08: ffffba2c0377fab8 R09: 0000000000000000\n[ 301.563145] R10: ffff9208d2292d50 R11: 0000000000000002 R12: 00007fea890e0000\n[ 301.563669] R13: 0000000000000000 R14: ffffba2c0377fc08 R15: 0000000000000000\n[ 301.564186] FS: 0000000000000000(0000) GS:ffff920c2fbc0000(0000) knlGS:0000000000000000\n[ 301.564773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 301.565197] CR2: 00007fea88ee8a20 CR3: 00000001033a8000 CR4: 0000000000750ef0\n[ 301.565725] PKRU: 55555554\n[ 301.565944] Call Trace:\n[ 301.566148] \u003cTASK\u003e\n[ 301.566325] ? untrack_pfn+0xf4/0x100\n[ 301.566618] ? __warn+0x81/0x130\n[ 301.566876] ? untrack_pfn+0xf4/0x100\n[ 3\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35877",
"url": "https://www.suse.com/security/cve/CVE-2024-35877"
},
{
"category": "external",
"summary": "SUSE Bug 1224525 for CVE-2024-35877",
"url": "https://bugzilla.suse.com/1224525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: prevent NULL pointer dereference in vsnprintf()\n\nIn of_modalias(), we can get passed the str and len parameters which would\ncause a kernel oops in vsnprintf() since it only allows passing a NULL ptr\nwhen the length is also 0. Also, we need to filter out the negative values\nof the len parameter as these will result in a really huge buffer since\nsnprintf() takes size_t parameter while ours is ssize_t...\n\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35878",
"url": "https://www.suse.com/security/cve/CVE-2024-35878"
},
{
"category": "external",
"summary": "SUSE Bug 1224671 for CVE-2024-35878",
"url": "https://bugzilla.suse.com/1224671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35878"
},
{
"cve": "CVE-2024-35887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: fix use-after-free bugs caused by ax25_ds_del_timer\n\nWhen the ax25 device is detaching, the ax25_dev_device_down()\ncalls ax25_ds_del_timer() to cleanup the slave_timer. When\nthe timer handler is running, the ax25_ds_del_timer() that\ncalls del_timer() in it will return directly. As a result,\nthe use-after-free bugs could happen, one of the scenarios\nis shown below:\n\n (Thread 1) | (Thread 2)\n | ax25_ds_timeout()\nax25_dev_device_down() |\n ax25_ds_del_timer() |\n del_timer() |\n ax25_dev_put() //FREE |\n | ax25_dev-\u003e //USE\n\nIn order to mitigate bugs, when the device is detaching, use\ntimer_shutdown_sync() to stop the timer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35887",
"url": "https://www.suse.com/security/cve/CVE-2024-35887"
},
{
"category": "external",
"summary": "SUSE Bug 1224663 for CVE-2024-35887",
"url": "https://bugzilla.suse.com/1224663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35887"
},
{
"cve": "CVE-2024-35895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Prevent lock inversion deadlock in map delete elem\n\nsyzkaller started using corpuses where a BPF tracing program deletes\nelements from a sockmap/sockhash map. Because BPF tracing programs can be\ninvoked from any interrupt context, locks taken during a map_delete_elem\noperation must be hardirq-safe. Otherwise a deadlock due to lock inversion\nis possible, as reported by lockdep:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026htab-\u003ebuckets[i].lock);\n local_irq_disable();\n lock(\u0026host-\u003elock);\n lock(\u0026htab-\u003ebuckets[i].lock);\n \u003cInterrupt\u003e\n lock(\u0026host-\u003elock);\n\nLocks in sockmap are hardirq-unsafe by design. We expects elements to be\ndeleted from sockmap/sockhash only in task (normal) context with interrupts\nenabled, or in softirq context.\n\nDetect when map_delete_elem operation is invoked from a context which is\n_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an\nerror.\n\nNote that map updates are not affected by this issue. BPF verifier does not\nallow updating sockmap/sockhash from a BPF tracing program today.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35895",
"url": "https://www.suse.com/security/cve/CVE-2024-35895"
},
{
"category": "external",
"summary": "SUSE Bug 1224511 for CVE-2024-35895",
"url": "https://bugzilla.suse.com/1224511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix error cleanup path in nfsd_rename()\n\nCommit a8b0026847b8 (\"rename(): avoid a deadlock in the case of parents\nhaving no common ancestor\") added an error bail out path. However this\npath does not drop the remount protection that has been acquired. Fix\nthe cleanup path to properly drop the remount protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35914",
"url": "https://www.suse.com/security/cve/CVE-2024-35914"
},
{
"category": "external",
"summary": "SUSE Bug 1224482 for CVE-2024-35914",
"url": "https://bugzilla.suse.com/1224482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35914"
},
{
"cve": "CVE-2024-35932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: don\u0027t check if plane-\u003estate-\u003efb == state-\u003efb\n\nCurrently, when using non-blocking commits, we can see the following\nkernel warning:\n\n[ 110.908514] ------------[ cut here ]------------\n[ 110.908529] refcount_t: underflow; use-after-free.\n[ 110.908620] WARNING: CPU: 0 PID: 1866 at lib/refcount.c:87 refcount_dec_not_one+0xb8/0xc0\n[ 110.908664] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device cmac algif_hash aes_arm64 aes_generic algif_skcipher af_alg bnep hid_logitech_hidpp vc4 brcmfmac hci_uart btbcm brcmutil bluetooth snd_soc_hdmi_codec cfg80211 cec drm_display_helper drm_dma_helper drm_kms_helper snd_soc_core snd_compress snd_pcm_dmaengine fb_sys_fops sysimgblt syscopyarea sysfillrect raspberrypi_hwmon ecdh_generic ecc rfkill libaes i2c_bcm2835 binfmt_misc joydev snd_bcm2835(C) bcm2835_codec(C) bcm2835_isp(C) v4l2_mem2mem videobuf2_dma_contig snd_pcm bcm2835_v4l2(C) raspberrypi_gpiomem bcm2835_mmal_vchiq(C) videobuf2_v4l2 snd_timer videobuf2_vmalloc videobuf2_memops videobuf2_common snd videodev vc_sm_cma(C) mc hid_logitech_dj uio_pdrv_genirq uio i2c_dev drm fuse dm_mod drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 110.909086] CPU: 0 PID: 1866 Comm: kodi.bin Tainted: G C 6.1.66-v8+ #32\n[ 110.909104] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 110.909114] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 110.909132] pc : refcount_dec_not_one+0xb8/0xc0\n[ 110.909152] lr : refcount_dec_not_one+0xb4/0xc0\n[ 110.909170] sp : ffffffc00913b9c0\n[ 110.909177] x29: ffffffc00913b9c0 x28: 000000556969bbb0 x27: 000000556990df60\n[ 110.909205] x26: 0000000000000002 x25: 0000000000000004 x24: ffffff8004448480\n[ 110.909230] x23: ffffff800570b500 x22: ffffff802e03a7bc x21: ffffffecfca68c78\n[ 110.909257] x20: ffffff8002b42000 x19: ffffff802e03a600 x18: 0000000000000000\n[ 110.909283] x17: 0000000000000011 x16: ffffffffffffffff x15: 0000000000000004\n[ 110.909308] x14: 0000000000000fff x13: ffffffed577e47e0 x12: 0000000000000003\n[ 110.909333] x11: 0000000000000000 x10: 0000000000000027 x9 : c912d0d083728c00\n[ 110.909359] x8 : c912d0d083728c00 x7 : 65646e75203a745f x6 : 746e756f63666572\n[ 110.909384] x5 : ffffffed579f62ee x4 : ffffffed579eb01e x3 : 0000000000000000\n[ 110.909409] x2 : 0000000000000000 x1 : ffffffc00913b750 x0 : 0000000000000001\n[ 110.909434] Call trace:\n[ 110.909441] refcount_dec_not_one+0xb8/0xc0\n[ 110.909461] vc4_bo_dec_usecnt+0x4c/0x1b0 [vc4]\n[ 110.909903] vc4_cleanup_fb+0x44/0x50 [vc4]\n[ 110.910315] drm_atomic_helper_cleanup_planes+0x88/0xa4 [drm_kms_helper]\n[ 110.910669] vc4_atomic_commit_tail+0x390/0x9dc [vc4]\n[ 110.911079] commit_tail+0xb0/0x164 [drm_kms_helper]\n[ 110.911397] drm_atomic_helper_commit+0x1d0/0x1f0 [drm_kms_helper]\n[ 110.911716] drm_atomic_commit+0xb0/0xdc [drm]\n[ 110.912569] drm_mode_atomic_ioctl+0x348/0x4b8 [drm]\n[ 110.913330] drm_ioctl_kernel+0xec/0x15c [drm]\n[ 110.914091] drm_ioctl+0x24c/0x3b0 [drm]\n[ 110.914850] __arm64_sys_ioctl+0x9c/0xd4\n[ 110.914873] invoke_syscall+0x4c/0x114\n[ 110.914897] el0_svc_common+0xd0/0x118\n[ 110.914917] do_el0_svc+0x38/0xd0\n[ 110.914936] el0_svc+0x30/0x8c\n[ 110.914958] el0t_64_sync_handler+0x84/0xf0\n[ 110.914979] el0t_64_sync+0x18c/0x190\n[ 110.914996] ---[ end trace 0000000000000000 ]---\n\nThis happens because, although `prepare_fb` and `cleanup_fb` are\nperfectly balanced, we cannot guarantee consistency in the check\nplane-\u003estate-\u003efb == state-\u003efb. This means that sometimes we can increase\nthe refcount in `prepare_fb` and don\u0027t decrease it in `cleanup_fb`. The\nopposite can also be true.\n\nIn fact, the struct drm_plane .state shouldn\u0027t be accessed directly\nbut instead, the `drm_atomic_get_new_plane_state()` helper function should\nbe used. So, we could stick to this check, but using\n`drm_atomic_get_new_plane_state()`. But actually, this check is not re\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35932",
"url": "https://www.suse.com/security/cve/CVE-2024-35932"
},
{
"category": "external",
"summary": "SUSE Bug 1224650 for CVE-2024-35932",
"url": "https://bugzilla.suse.com/1224650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35932"
},
{
"cve": "CVE-2024-35935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: send: handle path ref underflow in header iterate_inode_ref()\n\nChange BUG_ON to proper error handling if building the path buffer\nfails. The pointers are not printed so we don\u0027t accidentally leak kernel\naddresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35935",
"url": "https://www.suse.com/security/cve/CVE-2024-35935"
},
{
"category": "external",
"summary": "SUSE Bug 1224645 for CVE-2024-35935",
"url": "https://bugzilla.suse.com/1224645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()\n\nThe unhandled case in btrfs_relocate_sys_chunks() loop is a corruption,\nas it could be caused only by two impossible conditions:\n\n- at first the search key is set up to look for a chunk tree item, with\n offset -1, this is an inexact search and the key-\u003eoffset will contain\n the correct offset upon a successful search, a valid chunk tree item\n cannot have an offset -1\n\n- after first successful search, the found_key corresponds to a chunk\n item, the offset is decremented by 1 before the next loop, it\u0027s\n impossible to find a chunk item there due to alignment and size\n constraints",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35936",
"url": "https://www.suse.com/security/cve/CVE-2024-35936"
},
{
"category": "external",
"summary": "SUSE Bug 1224644 for CVE-2024-35936",
"url": "https://bugzilla.suse.com/1224644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()\n\nSyzkaller hit \u0027WARNING in dg_dispatch_as_host\u0027 bug.\n\nmemcpy: detected field-spanning write (size 56) of single field \"\u0026dg_info-\u003emsg\"\nat drivers/misc/vmw_vmci/vmci_datagram.c:237 (size 24)\n\nWARNING: CPU: 0 PID: 1555 at drivers/misc/vmw_vmci/vmci_datagram.c:237\ndg_dispatch_as_host+0x88e/0xa60 drivers/misc/vmw_vmci/vmci_datagram.c:237\n\nSome code commentry, based on my understanding:\n\n544 #define VMCI_DG_SIZE(_dg) (VMCI_DG_HEADERSIZE + (size_t)(_dg)-\u003epayload_size)\n/// This is 24 + payload_size\n\nmemcpy(\u0026dg_info-\u003emsg, dg, dg_size);\n\tDestination = dg_info-\u003emsg ---\u003e this is a 24 byte\n\t\t\t\t\tstructure(struct vmci_datagram)\n\tSource = dg --\u003e this is a 24 byte structure (struct vmci_datagram)\n\tSize = dg_size = 24 + payload_size\n\n{payload_size = 56-24 =32} -- Syzkaller managed to set payload_size to 32.\n\n 35 struct delayed_datagram_info {\n 36 struct datagram_entry *entry;\n 37 struct work_struct work;\n 38 bool in_dg_host_queue;\n 39 /* msg and msg_payload must be together. */\n 40 struct vmci_datagram msg;\n 41 u8 msg_payload[];\n 42 };\n\nSo those extra bytes of payload are copied into msg_payload[], a run time\nwarning is seen while fuzzing with Syzkaller.\n\nOne possible way to fix the warning is to split the memcpy() into\ntwo parts -- one -- direct assignment of msg and second taking care of payload.\n\nGustavo quoted:\n\"Under FORTIFY_SOURCE we should not copy data across multiple members\nin a structure.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35944",
"url": "https://www.suse.com/security/cve/CVE-2024-35944"
},
{
"category": "external",
"summary": "SUSE Bug 1224648 for CVE-2024-35944",
"url": "https://bugzilla.suse.com/1224648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: Fix possible use-after-free issue on kprobe registration\n\nWhen unloading a module, its state is changing MODULE_STATE_LIVE -\u003e\n MODULE_STATE_GOING -\u003e MODULE_STATE_UNFORMED. Each change will take\na time. `is_module_text_address()` and `__module_text_address()`\nworks with MODULE_STATE_LIVE and MODULE_STATE_GOING.\nIf we use `is_module_text_address()` and `__module_text_address()`\nseparately, there is a chance that the first one is succeeded but the\nnext one is failed because module-\u003estate becomes MODULE_STATE_UNFORMED\nbetween those operations.\n\nIn `check_kprobe_address_safe()`, if the second `__module_text_address()`\nis failed, that is ignored because it expected a kernel_text address.\nBut it may have failed simply because module-\u003estate has been changed\nto MODULE_STATE_UNFORMED. In this case, arm_kprobe() will try to modify\nnon-exist module text address (use-after-free).\n\nTo fix this problem, we should not use separated `is_module_text_address()`\nand `__module_text_address()`, but use only `__module_text_address()`\nonce and do `try_module_get(module)` which is only available with\nMODULE_STATE_LIVE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35955",
"url": "https://www.suse.com/security/cve/CVE-2024-35955"
},
{
"category": "external",
"summary": "SUSE Bug 1224676 for CVE-2024-35955",
"url": "https://bugzilla.suse.com/1224676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr\n\nAlthough ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it\nstill means hlist_for_each_entry_rcu can return an item that got removed\nfrom the list. The memory itself of such item is not freed thanks to RCU\nbut nothing guarantees the actual content of the memory is sane.\n\nIn particular, the reference count can be zero. This can happen if\nipv6_del_addr is called in parallel. ipv6_del_addr removes the entry\nfrom inet6_addr_lst (hlist_del_init_rcu(\u0026ifp-\u003eaddr_lst)) and drops all\nreferences (__in6_ifa_put(ifp) + in6_ifa_put(ifp)). With bad enough\ntiming, this can happen:\n\n1. In ipv6_get_ifaddr, hlist_for_each_entry_rcu returns an entry.\n\n2. Then, the whole ipv6_del_addr is executed for the given entry. The\n reference count drops to zero and kfree_rcu is scheduled.\n\n3. ipv6_get_ifaddr continues and tries to increments the reference count\n (in6_ifa_hold).\n\n4. The rcu is unlocked and the entry is freed.\n\n5. The freed entry is returned.\n\nPrevent increasing of the reference count in such case. The name\nin6_ifa_hold_safe is chosen to mimic the existing fib6_info_hold_safe.\n\n[ 41.506330] refcount_t: addition on 0; use-after-free.\n[ 41.506760] WARNING: CPU: 0 PID: 595 at lib/refcount.c:25 refcount_warn_saturate+0xa5/0x130\n[ 41.507413] Modules linked in: veth bridge stp llc\n[ 41.507821] CPU: 0 PID: 595 Comm: python3 Not tainted 6.9.0-rc2.main-00208-g49563be82afa #14\n[ 41.508479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n[ 41.509163] RIP: 0010:refcount_warn_saturate+0xa5/0x130\n[ 41.509586] Code: ad ff 90 0f 0b 90 90 c3 cc cc cc cc 80 3d c0 30 ad 01 00 75 a0 c6 05 b7 30 ad 01 01 90 48 c7 c7 38 cc 7a 8c e8 cc 18 ad ff 90 \u003c0f\u003e 0b 90 90 c3 cc cc cc cc 80 3d 98 30 ad 01 00 0f 85 75 ff ff ff\n[ 41.510956] RSP: 0018:ffffbda3c026baf0 EFLAGS: 00010282\n[ 41.511368] RAX: 0000000000000000 RBX: ffff9e9c46914800 RCX: 0000000000000000\n[ 41.511910] RDX: ffff9e9c7ec29c00 RSI: ffff9e9c7ec1c900 RDI: ffff9e9c7ec1c900\n[ 41.512445] RBP: ffff9e9c43660c9c R08: 0000000000009ffb R09: 00000000ffffdfff\n[ 41.512998] R10: 00000000ffffdfff R11: ffffffff8ca58a40 R12: ffff9e9c4339a000\n[ 41.513534] R13: 0000000000000001 R14: ffff9e9c438a0000 R15: ffffbda3c026bb48\n[ 41.514086] FS: 00007fbc4cda1740(0000) GS:ffff9e9c7ec00000(0000) knlGS:0000000000000000\n[ 41.514726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 41.515176] CR2: 000056233b337d88 CR3: 000000000376e006 CR4: 0000000000370ef0\n[ 41.515713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 41.516252] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 41.516799] Call Trace:\n[ 41.517037] \u003cTASK\u003e\n[ 41.517249] ? __warn+0x7b/0x120\n[ 41.517535] ? refcount_warn_saturate+0xa5/0x130\n[ 41.517923] ? report_bug+0x164/0x190\n[ 41.518240] ? handle_bug+0x3d/0x70\n[ 41.518541] ? exc_invalid_op+0x17/0x70\n[ 41.520972] ? asm_exc_invalid_op+0x1a/0x20\n[ 41.521325] ? refcount_warn_saturate+0xa5/0x130\n[ 41.521708] ipv6_get_ifaddr+0xda/0xe0\n[ 41.522035] inet6_rtm_getaddr+0x342/0x3f0\n[ 41.522376] ? __pfx_inet6_rtm_getaddr+0x10/0x10\n[ 41.522758] rtnetlink_rcv_msg+0x334/0x3d0\n[ 41.523102] ? netlink_unicast+0x30f/0x390\n[ 41.523445] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n[ 41.523832] netlink_rcv_skb+0x53/0x100\n[ 41.524157] netlink_unicast+0x23b/0x390\n[ 41.524484] netlink_sendmsg+0x1f2/0x440\n[ 41.524826] __sys_sendto+0x1d8/0x1f0\n[ 41.525145] __x64_sys_sendto+0x1f/0x30\n[ 41.525467] do_syscall_64+0xa5/0x1b0\n[ 41.525794] entry_SYSCALL_64_after_hwframe+0x72/0x7a\n[ 41.526213] RIP: 0033:0x7fbc4cfcea9a\n[ 41.526528] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89\n[ 41.527942] RSP: 002b:00007f\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35969",
"url": "https://www.suse.com/security/cve/CVE-2024-35969"
},
{
"category": "external",
"summary": "SUSE Bug 1224580 for CVE-2024-35969",
"url": "https://bugzilla.suse.com/1224580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Avoid infinite loop trying to resize local TT\n\nIf the MTU of one of an attached interface becomes too small to transmit\nthe local translation table then it must be resized to fit inside all\nfragments (when enabled) or a single packet.\n\nBut if the MTU becomes too low to transmit even the header + the VLAN\nspecific part then the resizing of the local TT will never succeed. This\ncan for example happen when the usable space is 110 bytes and 11 VLANs are\non top of batman-adv. In this case, at least 116 byte would be needed.\nThere will just be an endless spam of\n\n batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110)\n\nin the log but the function will never finish. Problem here is that the\ntimeout will be halved all the time and will then stagnate at 0 and\ntherefore never be able to reduce the table even more.\n\nThere are other scenarios possible with a similar result. The number of\nBATADV_TT_CLIENT_NOPURGE entries in the local TT can for example be too\nhigh to fit inside a packet. Such a scenario can therefore happen also with\nonly a single VLAN + 7 non-purgable addresses - requiring at least 120\nbytes.\n\nWhile this should be handled proactively when:\n\n* interface with too low MTU is added\n* VLAN is added\n* non-purgeable local mac is added\n* MTU of an attached interface is reduced\n* fragmentation setting gets disabled (which most likely requires dropping\n attached interfaces)\n\nnot all of these scenarios can be prevented because batman-adv is only\nconsuming events without the the possibility to prevent these actions\n(non-purgable MAC address added, MTU of an attached interface is reduced).\nIt is therefore necessary to also make sure that the code is able to handle\nalso the situations when there were already incompatible system\nconfiguration are present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35982",
"url": "https://www.suse.com/security/cve/CVE-2024-35982"
},
{
"category": "external",
"summary": "SUSE Bug 1224566 for CVE-2024-35982",
"url": "https://bugzilla.suse.com/1224566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-36015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppdev: Add an error check in register_device\n\nIn register_device, the return value of ida_simple_get is unchecked,\nin witch ida_simple_get will use an invalid index value.\n\nTo address this issue, index should be checked after ida_simple_get. When\nthe index value is abnormal, a warning message should be printed, the port\nshould be dropped, and the value should be recorded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36015",
"url": "https://www.suse.com/security/cve/CVE-2024-36015"
},
{
"category": "external",
"summary": "SUSE Bug 1225640 for CVE-2024-36015",
"url": "https://bugzilla.suse.com/1225640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-36015"
},
{
"cve": "CVE-2024-36029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-msm: pervent access to suspended controller\n\nGeneric sdhci code registers LED device and uses host-\u003eruntime_suspended\nflag to protect access to it. The sdhci-msm driver doesn\u0027t set this flag,\nwhich causes a crash when LED is accessed while controller is runtime\nsuspended. Fix this by setting the flag correctly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36029",
"url": "https://www.suse.com/security/cve/CVE-2024-36029"
},
{
"category": "external",
"summary": "SUSE Bug 1225708 for CVE-2024-36029",
"url": "https://bugzilla.suse.com/1225708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-36029"
},
{
"cve": "CVE-2024-36954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36954",
"url": "https://www.suse.com/security/cve/CVE-2024-36954"
},
{
"category": "external",
"summary": "SUSE Bug 1225764 for CVE-2024-36954",
"url": "https://bugzilla.suse.com/1225764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_219-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.219.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.219.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.219.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T18:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2024-36954"
}
]
}
suse-su-2024:1870-1
Vulnerability from csaf_suse
Published
2024-05-30 14:27
Modified
2024-05-30 14:27
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).
- CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509).
- CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060).
- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
- CVE-2021-46909: Fixed PCI interrupt mapping in ARM footbridge (bsc#1220442).
- CVE-2021-46938: Fixed double free of blk_mq_tag_set in dev remove after table load fails (bsc#1220554).
- CVE-2021-46939: Fixed possible hung in trace_clock_global() (bsc#1220580).
- CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).
- CVE-2021-46950: Fixed possible data corruption in md/raid1 when ending a failed write request (bsc#1220662).
- CVE-2021-46958: Fixed race between transaction aborts and fsyncs that could lead to use-after-free in btrfs (bsc#1220521).
- CVE-2021-46960: Fixed wrong error code from smb2_get_enc_key() (bsc#1220528).
- CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).
- CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).
- CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).
- CVE-2021-46981: Fixed NULL pointer in flush_workqueue (bsc#1220611).
- CVE-2021-46988: Fixed possible crash in userfaultfd due to unreleased page (bsc#1220706).
- CVE-2021-46990: Fixed crashes when toggling entry flush barrier in powerpc/64s (bsc#1220743).
- CVE-2021-46998: Fixed a use after free bug in enic_hard_start_xmit() (bsc#1220625).
- CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).
- CVE-2021-47015: Fixed RX consumer index logic in the error path in bnxt_en (bsc#1220794).
- CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637).
- CVE-2021-47034: Fixed resolved pte update for kernel memory on radix in powerpc/64s (bsc#1220687).
- CVE-2021-47045: Fixed null pointer dereference in lpfc_prep_els_iocb() (bsc#1220640).
- CVE-2021-47049: Fixed Use after free in __vmbus_open() (bsc#1220692).
- CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768).
- CVE-2021-47056: Fixed uninitialized lock in adf_vf2pf_shutdown() (bsc#1220769).
- CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742).
- CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745).
- CVE-2021-47063: Fixed possible use-after-free in panel_bridge_detach() (bsc#1220777).
- CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739).
- CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829).
- CVE-2021-47071: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220846).
- CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).
- CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541).
- CVE-2021-47114: Fixed data corruption by fallocate in ocfs2 (bsc#1221548).
- CVE-2021-47117: Fixed bug on in ext4_es_cache_extent() as ext4_split_extent_at() failed (bsc#1221575).
- CVE-2021-47118: Fixed possible use-after-free when initializing `cad_pid` (bsc#1221605).
- CVE-2021-47119: Fixed memory leak in ext4_fill_super() (bsc#1221608).
- CVE-2021-47138: Fixed possible out-of-bound memory access in cxgb4 when clearing filters (bsc#1221934).
- CVE-2021-47141: Fixed possible NULL pointer dereference when freeing irqs (bsc#1221949).
- CVE-2021-47142: Fixed a use-after-free in drm/amdgpu (bsc#1221952).
- CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988).
- CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).
- CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969).
- CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965).
- CVE-2021-47166: Fixed possible corruptionb in nfs_do_recoalesce() (bsc#1221998).
- CVE-2021-47167: Fixed an Oopsable condition in __nfs_pageio_add_request() (bsc#1221991).
- CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() (bsc#1222002).
- CVE-2021-47169: Fixed possible NULL pointer dereference in serial/rp2 (bsc#1222000).
- CVE-2021-47171: Fixed memory leak in smsc75xx_bind() (bsc#1221994).
- CVE-2021-47173: Fixed memory leak in uss720_probe() (bsc#1221993).
- CVE-2021-47177: Fixed sysfs leak in alloc_iommu() (bsc#1221997).
- CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (bsc#1222001).
- CVE-2021-47180: Fixed memory leak in nci_allocate_device() (bsc#1221999).
- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).
- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)
- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).
- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).
- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
- CVE-2023-52469: Fixed use-after-free in kv_parse_power_table() (bsc#1220411).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#122041).
- CVE-2023-52474: Fixed bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests in hfi1 (bsc#1220445).
- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).
- CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061).
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie (bsc#1222300).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-7042: Fixed a NULL pointer dereference vulnerability in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-22099: Fixed NULL Pointer Dereference vulnerability in /net/bluetooth/rfcomm/core.c (bsc#1219170).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618).
- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)
- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)
- CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).
- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).
- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)
- CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
- CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
- CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).
- CVE-2024-26993: Fixed a reference leak in sysfs_break_active_protection() (bsc#1223693)
- CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770)
- CVE-2024-26948: Added a dc_state NULL check in dc_state_release (bsc#1223664)
- CVE-2024-27013: Limited printing rate when illegal packet received by tun dev (bsc#1223745).
- CVE-2024-27014: Prevented deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27046: Handled acti_netdevs allocation failure (bsc#1223827).
- CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977).
- CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837).
- CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842).
- CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843).
- CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844).
- CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781).
- CVE-2023-52652: Fixed a possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2024-23848: Fixed a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c (bsc#1219104).
- CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049).
- CVE-2024-26817: Used calloc instead of kzalloc to avoid integer overflow (bsc#1222812)
- CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972).
- CVE-2023-52620: Disallowed timeout for anonymous sets in nf_tables (bsc#1221825).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26878: Fixed potential NULL pointer dereference, related to dquots (bsc#1223060).
- CVE-2024-26901: Used kzalloc() to fix information leak in do_sys_name_to_handle() (bsc#1223198).
- CVE-2024-26671: Fixed an IO hang from sbitmap wakeup race in blk_mq_mark_tag_wait() (bsc#1222357).
- CVE-2024-26772: Avoided allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2023-52614: Fixed a buffer overflow in trans_stat_show() (bsc#1221617).
- CVE-2024-26855: Fixed a potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26857: Made sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26675: Limited MRU to 64K in ppp_async_ioctl() (bsc#1222379).
- CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).
- CVE-2023-52488: Converted from _raw_ to _noinc_ regmap functions for FIFO in sc16is7xx (bsc#1221162).
- CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315).
- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).
- CVE-2023-52635: Synchronized devfreq_monitor_[start/stop] for devfreq (bsc#1222294).
- CVE-2024-26883: Checked for integer overflow when using roundup_pow_of_two() (bsc#1223035).
- CVE-2024-26884: Fixed a bpf hashtab overflow check on 32-bit architectures (bsc#1223189).
- CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975)
- CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961).
- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
- CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).
- CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)
- CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)
- CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609).
The following non-security bugs were fixed:
- Input: adxl34x - do not hardcode interrupt trigger type (git-fixes).
- Input: drv260x - sleep between polling GO bit (git-fixes).
- Input: ipaq-micro-keys - add error handling for devm_kmemdup.
- Input: xpad - add PXN V900 support.
- USB: core: Fix deadlock in usb_deauthorize_interface().
- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).
- atl1c: fix error return code in atl1c_probe() (git-fixes).
- atl1e: fix error return code in atl1e_probe() (git-fixes).
- bluetooth: btqca: Fixed a coding style error (git-fixes).
- bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes).
- bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).
- bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
- bnx2x: Fix enabling network interfaces without VFs (git-fixes).
- bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes).
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).
- ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes).
- ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git-fixes).
- fuse: do not unhash root (bsc#1223954).
- iommu/amd: Increase interrupt remapping table limit to 512 entries (git-fixes).
- iommu/amd: Mark interrupt as managed (git-fixes).
- iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes).
- iommu/amd: Silence warnings under memory pressure (git-fixes).
- iommu: Check if group is NULL before remove device (git-fixes).
- kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
- kabi: pci: Add locking to RMW PCI Express Capability Register accessors (kabi).
- lan78xx: Add missing return code checks (git-fixes).
- lan78xx: Add support to dump lan78xx registers (git-fixes).
- lan78xx: Do not access skb_queue_head list pointers directly (git-fixes).
- lan78xx: Fix exception on link speed change (git-fixes).
- lan78xx: Fix partial packet errors on suspend/resume (git-fixes).
- lan78xx: Fix race conditions in suspend/resume handling (git-fixes).
- lan78xx: Fix white space and style issues (git-fixes).
- lan78xx: Modify error messages (git-fixes).
- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).
- net/mlx5: Properly convey driver version to firmware (git-fixes).
- net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes).
- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).
- net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
- net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes).
- net: lan78xx: Make declaration style consistent (git-fixes).
- net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
- net: lan78xx: remove set but not used variable 'event' (git-fixes).
- net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes).
- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git-fixes).
- net:usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes).
- nfs: Fix O_DIRECT commit verifier handling (git-fixes).
- nfs: Fix O_DIRECT locking issues (git-fixes).
- nfs: Fix error handling for O_DIRECT write scheduling (bsc#1224785).
- nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git-fixes).
- nfs: Fix an off by one in root_nfs_cat() (git-fixes).
- nfs: Fix direct WRITE throughput regression (git-fixes).
- nfs: Fix error handling for O_DIRECT write scheduling (git-fixes).
- nfs: More O_DIRECT accounting fixes for error paths (git-fixes).
- nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).
- nfs: commit errors should be fatal (git-fixes).
- nfs: only issue commit in DIO codepath if we have uncommitted data (git-fixes).
- nfsd: Fix error cleanup path in nfsd_rename() (git-fixes).
- nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- nfsd: Retransmit callbacks after client reconnects (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).
- nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
- pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).
- pci/aspm: Avoid link retraining race (git-fixes).
- pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).
- pci/aspm: Do not warn if already in common clock mode (git-fixes).
- pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes).
- pci/aspm: Reduce severity of common clock config message (git-fixes).
- pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes).
- pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
- pci/dpc: Print all TLP Prefixes, not just the first (git-fixes).
- pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).
- pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes).
- pci/pm: Power up all devices during runtime resume (git-fixes).
- pci/sysfs: Protect driver's D3cold preference from user space (git-fixes).
- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
- pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).
- pci: Add locking to RMW PCI Express Capability Register accessors (git-fixes).
- pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes).
- pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git-fixes).
- pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
- pci: Rework pcie_retrain_link() wait loop (git-fixes).
- pci: aardvark: Fix setting MSI address (git-fixes).
- pci: aardvark: Fix support for MSI interrupts (git-fixes).
- pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).
- pci: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).
- pci: hotplug: Allow marking devices as disconnected during bind/unbind (git-fixes).
- pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes).
- pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).
- pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).
- pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes).
- pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).
- pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes).
- pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).
- pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).
- pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).
- pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
- rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082)
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221953).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
- sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
- sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
- tun: honor IOCB_NOWAIT flag (git-fixes).
- usb: dwc2: Fix memory leak in dwc2_hcd_init.
- usb: dwc2: check return value after calling platform_get_resource() (git-fixes).
- usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).
- usb: gadget: Fix issue with config_ep_by_speed function (git-fixes).
- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
- usb: musb: Modify the 'HWVers' register address (git-fixes).
- usb: roles: do not get/set_role() when usb_role_switch is unregistered.
- usb: serial: option: add Fibocom L7xx modules (git-fixes).
- usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).
- usb: storage: set 1.50 as the lower bcdDevice for older 'Super Top' compatibility (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
- usb: usbfs: Do not WARN about excessively large memory allocations.
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
Patchnames
SUSE-2024-1870,SUSE-SLE-HA-12-SP5-2024-1870,SUSE-SLE-Live-Patching-12-SP5-2024-1870,SUSE-SLE-SDK-12-SP5-2024-1870,SUSE-SLE-SERVER-12-SP5-2024-1870,SUSE-SLE-WE-12-SP5-2024-1870
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).\n- CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509).\n- CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060).\n- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).\n- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).\n- CVE-2021-46909: Fixed PCI interrupt mapping in ARM footbridge (bsc#1220442).\n- CVE-2021-46938: Fixed double free of blk_mq_tag_set in dev remove after table load fails (bsc#1220554).\n- CVE-2021-46939: Fixed possible hung in trace_clock_global() (bsc#1220580).\n- CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).\n- CVE-2021-46950: Fixed possible data corruption in md/raid1 when ending a failed write request (bsc#1220662).\n- CVE-2021-46958: Fixed race between transaction aborts and fsyncs that could lead to use-after-free in btrfs (bsc#1220521).\n- CVE-2021-46960: Fixed wrong error code from smb2_get_enc_key() (bsc#1220528).\n- CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).\n- CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).\n- CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).\n- CVE-2021-46981: Fixed NULL pointer in flush_workqueue (bsc#1220611).\n- CVE-2021-46988: Fixed possible crash in userfaultfd due to unreleased page (bsc#1220706).\n- CVE-2021-46990: Fixed crashes when toggling entry flush barrier in powerpc/64s (bsc#1220743).\n- CVE-2021-46998: Fixed a use after free bug in enic_hard_start_xmit() (bsc#1220625).\n- CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).\n- CVE-2021-47015: Fixed RX consumer index logic in the error path in bnxt_en (bsc#1220794).\n- CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637).\n- CVE-2021-47034: Fixed resolved pte update for kernel memory on radix in powerpc/64s (bsc#1220687).\n- CVE-2021-47045: Fixed null pointer dereference in lpfc_prep_els_iocb() (bsc#1220640).\n- CVE-2021-47049: Fixed Use after free in __vmbus_open() (bsc#1220692).\n- CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768).\n- CVE-2021-47056: Fixed uninitialized lock in adf_vf2pf_shutdown() (bsc#1220769).\n- CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742).\n- CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync\u0027ing SRCU (bsc#1220745).\n- CVE-2021-47063: Fixed possible use-after-free in panel_bridge_detach() (bsc#1220777).\n- CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739).\n- CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829).\n- CVE-2021-47071: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220846).\n- CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850).\n- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).\n- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).\n- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).\n- CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).\n- CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541).\n- CVE-2021-47114: Fixed data corruption by fallocate in ocfs2 (bsc#1221548).\n- CVE-2021-47117: Fixed bug on in ext4_es_cache_extent() as ext4_split_extent_at() failed (bsc#1221575).\n- CVE-2021-47118: Fixed possible use-after-free when initializing `cad_pid` (bsc#1221605).\n- CVE-2021-47119: Fixed memory leak in ext4_fill_super() (bsc#1221608).\n- CVE-2021-47138: Fixed possible out-of-bound memory access in cxgb4 when clearing filters (bsc#1221934).\n- CVE-2021-47141: Fixed possible NULL pointer dereference when freeing irqs (bsc#1221949).\n- CVE-2021-47142: Fixed a use-after-free in drm/amdgpu (bsc#1221952).\n- CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988).\n- CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).\n- CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969).\n- CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965).\n- CVE-2021-47166: Fixed possible corruptionb in nfs_do_recoalesce() (bsc#1221998).\n- CVE-2021-47167: Fixed an Oopsable condition in __nfs_pageio_add_request() (bsc#1221991).\n- CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() (bsc#1222002).\n- CVE-2021-47169: Fixed possible NULL pointer dereference in serial/rp2 (bsc#1222000).\n- CVE-2021-47171: Fixed memory leak in smsc75xx_bind() (bsc#1221994).\n- CVE-2021-47173: Fixed memory leak in uss720_probe() (bsc#1221993).\n- CVE-2021-47177: Fixed sysfs leak in alloc_iommu() (bsc#1221997).\n- CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (bsc#1222001).\n- CVE-2021-47180: Fixed memory leak in nci_allocate_device() (bsc#1221999).\n- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).\n- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).\n- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).\n- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).\n- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).\n- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).\n- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).\n- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).\n- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).\n- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).\n- CVE-2023-52469: Fixed use-after-free in kv_parse_power_table() (bsc#1220411).\n- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#122041).\n- CVE-2023-52474: Fixed bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests in hfi1 (bsc#1220445).\n- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).\n- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).\n- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).\n- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).\n- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).\n- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).\n- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).\n- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).\n- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).\n- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).\n- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).\n- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).\n- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).\n- CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061).\n- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).\n- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie (bsc#1222300).\n- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).\n- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).\n- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).\n- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).\n- CVE-2023-7042: Fixed a NULL pointer dereference vulnerability in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).\n- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).\n- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).\n- CVE-2024-22099: Fixed NULL Pointer Dereference vulnerability in /net/bluetooth/rfcomm/core.c (bsc#1219170).\n- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).\n- CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618).\n- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).\n- CVE-2024-26614: Fixed the initialization of accept_queue\u0027s spinlocks (bsc#1221293).\n- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).\n- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).\n- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).\n- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)\n- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)\n- CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).\n- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).\n- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)\n- CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).\n- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).\n- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).\n- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).\n- CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223513).\n- CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).\n- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).\n- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).\n- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).\n- CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).\n- CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).\n- CVE-2024-26993: Fixed a reference leak in sysfs_break_active_protection() (bsc#1223693)\n- CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770)\n- CVE-2024-26948: Added a dc_state NULL check in dc_state_release (bsc#1223664)\n- CVE-2024-27013: Limited printing rate when illegal packet received by tun dev (bsc#1223745).\n- CVE-2024-27014: Prevented deadlock while disabling aRFS (bsc#1223735).\n- CVE-2024-27046: Handled acti_netdevs allocation failure (bsc#1223827).\n- CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977).\n- CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837).\n- CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842).\n- CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843).\n- CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844).\n- CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781).\n- CVE-2023-52652: Fixed a possible name leak in ntb_register_device() (bsc#1223686).\n- CVE-2024-23848: Fixed a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c (bsc#1219104).\n- CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049).\n- CVE-2024-26817: Used calloc instead of kzalloc to avoid integer overflow (bsc#1222812)\n- CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972).\n- CVE-2023-52620: Disallowed timeout for anonymous sets in nf_tables (bsc#1221825).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).\n- CVE-2024-26878: Fixed potential NULL pointer dereference, related to dquots (bsc#1223060).\n- CVE-2024-26901: Used kzalloc() to fix information leak in do_sys_name_to_handle() (bsc#1223198).\n- CVE-2024-26671: Fixed an IO hang from sbitmap wakeup race in blk_mq_mark_tag_wait() (bsc#1222357).\n- CVE-2024-26772: Avoided allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).\n- CVE-2023-52614: Fixed a buffer overflow in trans_stat_show() (bsc#1221617).\n- CVE-2024-26855: Fixed a potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).\n- CVE-2024-26857: Made sure to pull inner header in geneve_rx() (bsc#1223058).\n- CVE-2024-26675: Limited MRU to 64K in ppp_async_ioctl() (bsc#1222379).\n- CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).\n- CVE-2023-52488: Converted from _raw_ to _noinc_ regmap functions for FIFO in sc16is7xx (bsc#1221162).\n- CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315).\n- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).\n- CVE-2023-52635: Synchronized devfreq_monitor_[start/stop] for devfreq (bsc#1222294).\n- CVE-2024-26883: Checked for integer overflow when using roundup_pow_of_two() (bsc#1223035).\n- CVE-2024-26884: Fixed a bpf hashtab overflow check on 32-bit architectures (bsc#1223189).\n- CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975)\n- CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961).\n- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).\n- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).\n- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).\n- CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).\n- CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)\n- CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)\n- CVE-2024-26747: Fixed a NULL pointer issue with USB parent module\u0027s reference (bsc#1222609).\n\nThe following non-security bugs were fixed:\n\n- Input: adxl34x - do not hardcode interrupt trigger type (git-fixes).\n- Input: drv260x - sleep between polling GO bit (git-fixes).\n- Input: ipaq-micro-keys - add error handling for devm_kmemdup.\n- Input: xpad - add PXN V900 support.\n- USB: core: Fix deadlock in usb_deauthorize_interface().\n- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).\n- atl1c: fix error return code in atl1c_probe() (git-fixes).\n- atl1e: fix error return code in atl1e_probe() (git-fixes).\n- bluetooth: btqca: Fixed a coding style error (git-fixes).\n- bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes).\n- bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).\n- bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).\n- bnx2x: Fix enabling network interfaces without VFs (git-fixes).\n- bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes).\n- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).\n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).\n- ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes).\n- ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git-fixes).\n- fuse: do not unhash root (bsc#1223954).\n- iommu/amd: Increase interrupt remapping table limit to 512 entries (git-fixes).\n- iommu/amd: Mark interrupt as managed (git-fixes).\n- iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes).\n- iommu/amd: Silence warnings under memory pressure (git-fixes).\n- iommu: Check if group is NULL before remove device (git-fixes).\n- kabi fix for pNFS: Fix the pnfs block driver\u0027s calculation of layoutget size (git-fixes).\n- kabi: pci: Add locking to RMW PCI Express Capability Register accessors (kabi).\n- lan78xx: Add missing return code checks (git-fixes).\n- lan78xx: Add support to dump lan78xx registers (git-fixes).\n- lan78xx: Do not access skb_queue_head list pointers directly (git-fixes).\n- lan78xx: Fix exception on link speed change (git-fixes).\n- lan78xx: Fix partial packet errors on suspend/resume (git-fixes).\n- lan78xx: Fix race conditions in suspend/resume handling (git-fixes).\n- lan78xx: Fix white space and style issues (git-fixes).\n- lan78xx: Modify error messages (git-fixes).\n- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).\n- net/mlx5: Properly convey driver version to firmware (git-fixes).\n- net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes).\n- net: Fix features skip in for_each_netdev_feature() (git-fixes).\n- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).\n- net: atheros: switch from \u0027pci_\u0027 to \u0027dma_\u0027 API (git-fixes).\n- net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes).\n- net: lan78xx: Make declaration style consistent (git-fixes).\n- net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes).\n- net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).\n- net: lan78xx: remove set but not used variable \u0027event\u0027 (git-fixes).\n- net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes).\n- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).\n- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).\n- net: usb: lan78xx: Remove lots of set but unused \u0027ret\u0027 variables (git-fixes).\n- net:usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes).\n- nfs: Fix O_DIRECT commit verifier handling (git-fixes).\n- nfs: Fix O_DIRECT locking issues (git-fixes).\n- nfs: Fix error handling for O_DIRECT write scheduling (bsc#1224785).\n- nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git-fixes).\n- nfs: Fix an off by one in root_nfs_cat() (git-fixes).\n- nfs: Fix direct WRITE throughput regression (git-fixes).\n- nfs: Fix error handling for O_DIRECT write scheduling (git-fixes).\n- nfs: More O_DIRECT accounting fixes for error paths (git-fixes).\n- nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).\n- nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).\n- nfs: commit errors should be fatal (git-fixes).\n- nfs: only issue commit in DIO codepath if we have uncommitted data (git-fixes).\n- nfsd: Fix error cleanup path in nfsd_rename() (git-fixes).\n- nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).\n- nfsd: Retransmit callbacks after client reconnects (git-fixes).\n- nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).\n- nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).\n- pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).\n- pci/aspm: Avoid link retraining race (git-fixes).\n- pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).\n- pci/aspm: Do not warn if already in common clock mode (git-fixes).\n- pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes).\n- pci/aspm: Reduce severity of common clock config message (git-fixes).\n- pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes).\n- pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).\n- pci/dpc: Print all TLP Prefixes, not just the first (git-fixes).\n- pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).\n- pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes).\n- pci/pm: Power up all devices during runtime resume (git-fixes).\n- pci/sysfs: Protect driver\u0027s D3cold preference from user space (git-fixes).\n- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n- pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).\n- pci: Add locking to RMW PCI Express Capability Register accessors (git-fixes).\n- pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes).\n- pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git-fixes).\n- pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).\n- pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).\n- pci: Rework pcie_retrain_link() wait loop (git-fixes).\n- pci: aardvark: Fix setting MSI address (git-fixes).\n- pci: aardvark: Fix support for MSI interrupts (git-fixes).\n- pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).\n- pci: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).\n- pci: hotplug: Allow marking devices as disconnected during bind/unbind (git-fixes).\n- pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes).\n- pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).\n- pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).\n- pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes).\n- pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).\n- pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes).\n- pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).\n- pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).\n- pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).\n- pnfs: Fix the pnfs block driver\u0027s calculation of layoutget size (git-fixes).\n- rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082)\n- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883).\n- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885).\n- s390/vtime: fix average steal time calculation (git-fixes bsc#1221953).\n- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).\n- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).\n- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).\n- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).\n- scsi: qla2xxx: Fix double free of fcport (bsc1221816).\n- scsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer (bsc1221816).\n- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).\n- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).\n- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).\n- scsi: qla2xxx: Update manufacturer detail (bsc1221816).\n- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).\n- sr9800: Add check for usbnet_get_endpoints (git-fixes).\n- sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).\n- sunrpc: fix a memleak in gss_import_v2_context (git-fixes).\n- sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).\n- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).\n- tun: honor IOCB_NOWAIT flag (git-fixes).\n- usb: dwc2: Fix memory leak in dwc2_hcd_init.\n- usb: dwc2: check return value after calling platform_get_resource() (git-fixes).\n- usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).\n- usb: gadget: Fix issue with config_ep_by_speed function (git-fixes).\n- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).\n- usb: musb: Modify the \u0027HWVers\u0027 register address (git-fixes).\n- usb: roles: do not get/set_role() when usb_role_switch is unregistered.\n- usb: serial: option: add Fibocom L7xx modules (git-fixes).\n- usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).\n- usb: storage: set 1.50 as the lower bcdDevice for older \u0027Super Top\u0027 compatibility (git-fixes).\n- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).\n- usb: usbfs: Do not WARN about excessively large memory allocations.\n- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).\n- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1870,SUSE-SLE-HA-12-SP5-2024-1870,SUSE-SLE-Live-Patching-12-SP5-2024-1870,SUSE-SLE-SDK-12-SP5-2024-1870,SUSE-SLE-SERVER-12-SP5-2024-1870,SUSE-SLE-WE-12-SP5-2024-1870",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1870-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1870-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241870-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1870-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-May/035427.html"
},
{
"category": "self",
"summary": "SUSE Bug 1084332",
"url": "https://bugzilla.suse.com/1084332"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1184509",
"url": "https://bugzilla.suse.com/1184509"
},
{
"category": "self",
"summary": "SUSE Bug 1186060",
"url": "https://bugzilla.suse.com/1186060"
},
{
"category": "self",
"summary": "SUSE Bug 1190317",
"url": "https://bugzilla.suse.com/1190317"
},
{
"category": "self",
"summary": "SUSE Bug 1190576",
"url": "https://bugzilla.suse.com/1190576"
},
{
"category": "self",
"summary": "SUSE Bug 1192145",
"url": "https://bugzilla.suse.com/1192145"
},
{
"category": "self",
"summary": "SUSE Bug 1194516",
"url": "https://bugzilla.suse.com/1194516"
},
{
"category": "self",
"summary": "SUSE Bug 1203935",
"url": "https://bugzilla.suse.com/1203935"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1211592",
"url": "https://bugzilla.suse.com/1211592"
},
{
"category": "self",
"summary": "SUSE Bug 1212514",
"url": "https://bugzilla.suse.com/1212514"
},
{
"category": "self",
"summary": "SUSE Bug 1213456",
"url": "https://bugzilla.suse.com/1213456"
},
{
"category": "self",
"summary": "SUSE Bug 1217339",
"url": "https://bugzilla.suse.com/1217339"
},
{
"category": "self",
"summary": "SUSE Bug 1217987",
"url": "https://bugzilla.suse.com/1217987"
},
{
"category": "self",
"summary": "SUSE Bug 1217988",
"url": "https://bugzilla.suse.com/1217988"
},
{
"category": "self",
"summary": "SUSE Bug 1217989",
"url": "https://bugzilla.suse.com/1217989"
},
{
"category": "self",
"summary": "SUSE Bug 1218220",
"url": "https://bugzilla.suse.com/1218220"
},
{
"category": "self",
"summary": "SUSE Bug 1218336",
"url": "https://bugzilla.suse.com/1218336"
},
{
"category": "self",
"summary": "SUSE Bug 1218479",
"url": "https://bugzilla.suse.com/1218479"
},
{
"category": "self",
"summary": "SUSE Bug 1218562",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "self",
"summary": "SUSE Bug 1219104",
"url": "https://bugzilla.suse.com/1219104"
},
{
"category": "self",
"summary": "SUSE Bug 1219169",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "self",
"summary": "SUSE Bug 1219170",
"url": "https://bugzilla.suse.com/1219170"
},
{
"category": "self",
"summary": "SUSE Bug 1219618",
"url": "https://bugzilla.suse.com/1219618"
},
{
"category": "self",
"summary": "SUSE Bug 1219623",
"url": "https://bugzilla.suse.com/1219623"
},
{
"category": "self",
"summary": "SUSE Bug 1219847",
"url": "https://bugzilla.suse.com/1219847"
},
{
"category": "self",
"summary": "SUSE Bug 1220320",
"url": "https://bugzilla.suse.com/1220320"
},
{
"category": "self",
"summary": "SUSE Bug 1220366",
"url": "https://bugzilla.suse.com/1220366"
},
{
"category": "self",
"summary": "SUSE Bug 1220394",
"url": "https://bugzilla.suse.com/1220394"
},
{
"category": "self",
"summary": "SUSE Bug 1220411",
"url": "https://bugzilla.suse.com/1220411"
},
{
"category": "self",
"summary": "SUSE Bug 1220416",
"url": "https://bugzilla.suse.com/1220416"
},
{
"category": "self",
"summary": "SUSE Bug 1220418",
"url": "https://bugzilla.suse.com/1220418"
},
{
"category": "self",
"summary": "SUSE Bug 1220422",
"url": "https://bugzilla.suse.com/1220422"
},
{
"category": "self",
"summary": "SUSE Bug 1220442",
"url": "https://bugzilla.suse.com/1220442"
},
{
"category": "self",
"summary": "SUSE Bug 1220445",
"url": "https://bugzilla.suse.com/1220445"
},
{
"category": "self",
"summary": "SUSE Bug 1220505",
"url": "https://bugzilla.suse.com/1220505"
},
{
"category": "self",
"summary": "SUSE Bug 1220521",
"url": "https://bugzilla.suse.com/1220521"
},
{
"category": "self",
"summary": "SUSE Bug 1220528",
"url": "https://bugzilla.suse.com/1220528"
},
{
"category": "self",
"summary": "SUSE Bug 1220536",
"url": "https://bugzilla.suse.com/1220536"
},
{
"category": "self",
"summary": "SUSE Bug 1220538",
"url": "https://bugzilla.suse.com/1220538"
},
{
"category": "self",
"summary": "SUSE Bug 1220554",
"url": "https://bugzilla.suse.com/1220554"
},
{
"category": "self",
"summary": "SUSE Bug 1220572",
"url": "https://bugzilla.suse.com/1220572"
},
{
"category": "self",
"summary": "SUSE Bug 1220580",
"url": "https://bugzilla.suse.com/1220580"
},
{
"category": "self",
"summary": "SUSE Bug 1220611",
"url": "https://bugzilla.suse.com/1220611"
},
{
"category": "self",
"summary": "SUSE Bug 1220625",
"url": "https://bugzilla.suse.com/1220625"
},
{
"category": "self",
"summary": "SUSE Bug 1220628",
"url": "https://bugzilla.suse.com/1220628"
},
{
"category": "self",
"summary": "SUSE Bug 1220637",
"url": "https://bugzilla.suse.com/1220637"
},
{
"category": "self",
"summary": "SUSE Bug 1220640",
"url": "https://bugzilla.suse.com/1220640"
},
{
"category": "self",
"summary": "SUSE Bug 1220662",
"url": "https://bugzilla.suse.com/1220662"
},
{
"category": "self",
"summary": "SUSE Bug 1220687",
"url": "https://bugzilla.suse.com/1220687"
},
{
"category": "self",
"summary": "SUSE Bug 1220692",
"url": "https://bugzilla.suse.com/1220692"
},
{
"category": "self",
"summary": "SUSE Bug 1220703",
"url": "https://bugzilla.suse.com/1220703"
},
{
"category": "self",
"summary": "SUSE Bug 1220706",
"url": "https://bugzilla.suse.com/1220706"
},
{
"category": "self",
"summary": "SUSE Bug 1220739",
"url": "https://bugzilla.suse.com/1220739"
},
{
"category": "self",
"summary": "SUSE Bug 1220742",
"url": "https://bugzilla.suse.com/1220742"
},
{
"category": "self",
"summary": "SUSE Bug 1220743",
"url": "https://bugzilla.suse.com/1220743"
},
{
"category": "self",
"summary": "SUSE Bug 1220745",
"url": "https://bugzilla.suse.com/1220745"
},
{
"category": "self",
"summary": "SUSE Bug 1220751",
"url": "https://bugzilla.suse.com/1220751"
},
{
"category": "self",
"summary": "SUSE Bug 1220768",
"url": "https://bugzilla.suse.com/1220768"
},
{
"category": "self",
"summary": "SUSE Bug 1220769",
"url": "https://bugzilla.suse.com/1220769"
},
{
"category": "self",
"summary": "SUSE Bug 1220777",
"url": "https://bugzilla.suse.com/1220777"
},
{
"category": "self",
"summary": "SUSE Bug 1220790",
"url": "https://bugzilla.suse.com/1220790"
},
{
"category": "self",
"summary": "SUSE Bug 1220794",
"url": "https://bugzilla.suse.com/1220794"
},
{
"category": "self",
"summary": "SUSE Bug 1220829",
"url": "https://bugzilla.suse.com/1220829"
},
{
"category": "self",
"summary": "SUSE Bug 1220836",
"url": "https://bugzilla.suse.com/1220836"
},
{
"category": "self",
"summary": "SUSE Bug 1220843",
"url": "https://bugzilla.suse.com/1220843"
},
{
"category": "self",
"summary": "SUSE Bug 1220846",
"url": "https://bugzilla.suse.com/1220846"
},
{
"category": "self",
"summary": "SUSE Bug 1220850",
"url": "https://bugzilla.suse.com/1220850"
},
{
"category": "self",
"summary": "SUSE Bug 1220871",
"url": "https://bugzilla.suse.com/1220871"
},
{
"category": "self",
"summary": "SUSE Bug 1220927",
"url": "https://bugzilla.suse.com/1220927"
},
{
"category": "self",
"summary": "SUSE Bug 1220960",
"url": "https://bugzilla.suse.com/1220960"
},
{
"category": "self",
"summary": "SUSE Bug 1220985",
"url": "https://bugzilla.suse.com/1220985"
},
{
"category": "self",
"summary": "SUSE Bug 1220987",
"url": "https://bugzilla.suse.com/1220987"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221046",
"url": "https://bugzilla.suse.com/1221046"
},
{
"category": "self",
"summary": "SUSE Bug 1221048",
"url": "https://bugzilla.suse.com/1221048"
},
{
"category": "self",
"summary": "SUSE Bug 1221058",
"url": "https://bugzilla.suse.com/1221058"
},
{
"category": "self",
"summary": "SUSE Bug 1221060",
"url": "https://bugzilla.suse.com/1221060"
},
{
"category": "self",
"summary": "SUSE Bug 1221061",
"url": "https://bugzilla.suse.com/1221061"
},
{
"category": "self",
"summary": "SUSE Bug 1221077",
"url": "https://bugzilla.suse.com/1221077"
},
{
"category": "self",
"summary": "SUSE Bug 1221082",
"url": "https://bugzilla.suse.com/1221082"
},
{
"category": "self",
"summary": "SUSE Bug 1221088",
"url": "https://bugzilla.suse.com/1221088"
},
{
"category": "self",
"summary": "SUSE Bug 1221162",
"url": "https://bugzilla.suse.com/1221162"
},
{
"category": "self",
"summary": "SUSE Bug 1221277",
"url": "https://bugzilla.suse.com/1221277"
},
{
"category": "self",
"summary": "SUSE Bug 1221293",
"url": "https://bugzilla.suse.com/1221293"
},
{
"category": "self",
"summary": "SUSE Bug 1221337",
"url": "https://bugzilla.suse.com/1221337"
},
{
"category": "self",
"summary": "SUSE Bug 1221532",
"url": "https://bugzilla.suse.com/1221532"
},
{
"category": "self",
"summary": "SUSE Bug 1221541",
"url": "https://bugzilla.suse.com/1221541"
},
{
"category": "self",
"summary": "SUSE Bug 1221548",
"url": "https://bugzilla.suse.com/1221548"
},
{
"category": "self",
"summary": "SUSE Bug 1221575",
"url": "https://bugzilla.suse.com/1221575"
},
{
"category": "self",
"summary": "SUSE Bug 1221605",
"url": "https://bugzilla.suse.com/1221605"
},
{
"category": "self",
"summary": "SUSE Bug 1221608",
"url": "https://bugzilla.suse.com/1221608"
},
{
"category": "self",
"summary": "SUSE Bug 1221617",
"url": "https://bugzilla.suse.com/1221617"
},
{
"category": "self",
"summary": "SUSE Bug 1221791",
"url": "https://bugzilla.suse.com/1221791"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1221825",
"url": "https://bugzilla.suse.com/1221825"
},
{
"category": "self",
"summary": "SUSE Bug 1221830",
"url": "https://bugzilla.suse.com/1221830"
},
{
"category": "self",
"summary": "SUSE Bug 1221862",
"url": "https://bugzilla.suse.com/1221862"
},
{
"category": "self",
"summary": "SUSE Bug 1221934",
"url": "https://bugzilla.suse.com/1221934"
},
{
"category": "self",
"summary": "SUSE Bug 1221949",
"url": "https://bugzilla.suse.com/1221949"
},
{
"category": "self",
"summary": "SUSE Bug 1221952",
"url": "https://bugzilla.suse.com/1221952"
},
{
"category": "self",
"summary": "SUSE Bug 1221953",
"url": "https://bugzilla.suse.com/1221953"
},
{
"category": "self",
"summary": "SUSE Bug 1221965",
"url": "https://bugzilla.suse.com/1221965"
},
{
"category": "self",
"summary": "SUSE Bug 1221966",
"url": "https://bugzilla.suse.com/1221966"
},
{
"category": "self",
"summary": "SUSE Bug 1221967",
"url": "https://bugzilla.suse.com/1221967"
},
{
"category": "self",
"summary": "SUSE Bug 1221969",
"url": "https://bugzilla.suse.com/1221969"
},
{
"category": "self",
"summary": "SUSE Bug 1221972",
"url": "https://bugzilla.suse.com/1221972"
},
{
"category": "self",
"summary": "SUSE Bug 1221973",
"url": "https://bugzilla.suse.com/1221973"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1221979",
"url": "https://bugzilla.suse.com/1221979"
},
{
"category": "self",
"summary": "SUSE Bug 1221988",
"url": "https://bugzilla.suse.com/1221988"
},
{
"category": "self",
"summary": "SUSE Bug 1221991",
"url": "https://bugzilla.suse.com/1221991"
},
{
"category": "self",
"summary": "SUSE Bug 1221993",
"url": "https://bugzilla.suse.com/1221993"
},
{
"category": "self",
"summary": "SUSE Bug 1221994",
"url": "https://bugzilla.suse.com/1221994"
},
{
"category": "self",
"summary": "SUSE Bug 1221997",
"url": "https://bugzilla.suse.com/1221997"
},
{
"category": "self",
"summary": "SUSE Bug 1221998",
"url": "https://bugzilla.suse.com/1221998"
},
{
"category": "self",
"summary": "SUSE Bug 1221999",
"url": "https://bugzilla.suse.com/1221999"
},
{
"category": "self",
"summary": "SUSE Bug 1222000",
"url": "https://bugzilla.suse.com/1222000"
},
{
"category": "self",
"summary": "SUSE Bug 1222001",
"url": "https://bugzilla.suse.com/1222001"
},
{
"category": "self",
"summary": "SUSE Bug 1222002",
"url": "https://bugzilla.suse.com/1222002"
},
{
"category": "self",
"summary": "SUSE Bug 1222117",
"url": "https://bugzilla.suse.com/1222117"
},
{
"category": "self",
"summary": "SUSE Bug 1222294",
"url": "https://bugzilla.suse.com/1222294"
},
{
"category": "self",
"summary": "SUSE Bug 1222300",
"url": "https://bugzilla.suse.com/1222300"
},
{
"category": "self",
"summary": "SUSE Bug 1222357",
"url": "https://bugzilla.suse.com/1222357"
},
{
"category": "self",
"summary": "SUSE Bug 1222379",
"url": "https://bugzilla.suse.com/1222379"
},
{
"category": "self",
"summary": "SUSE Bug 1222422",
"url": "https://bugzilla.suse.com/1222422"
},
{
"category": "self",
"summary": "SUSE Bug 1222428",
"url": "https://bugzilla.suse.com/1222428"
},
{
"category": "self",
"summary": "SUSE Bug 1222449",
"url": "https://bugzilla.suse.com/1222449"
},
{
"category": "self",
"summary": "SUSE Bug 1222503",
"url": "https://bugzilla.suse.com/1222503"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222585",
"url": "https://bugzilla.suse.com/1222585"
},
{
"category": "self",
"summary": "SUSE Bug 1222609",
"url": "https://bugzilla.suse.com/1222609"
},
{
"category": "self",
"summary": "SUSE Bug 1222610",
"url": "https://bugzilla.suse.com/1222610"
},
{
"category": "self",
"summary": "SUSE Bug 1222613",
"url": "https://bugzilla.suse.com/1222613"
},
{
"category": "self",
"summary": "SUSE Bug 1222618",
"url": "https://bugzilla.suse.com/1222618"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222624",
"url": "https://bugzilla.suse.com/1222624"
},
{
"category": "self",
"summary": "SUSE Bug 1222630",
"url": "https://bugzilla.suse.com/1222630"
},
{
"category": "self",
"summary": "SUSE Bug 1222632",
"url": "https://bugzilla.suse.com/1222632"
},
{
"category": "self",
"summary": "SUSE Bug 1222660",
"url": "https://bugzilla.suse.com/1222660"
},
{
"category": "self",
"summary": "SUSE Bug 1222662",
"url": "https://bugzilla.suse.com/1222662"
},
{
"category": "self",
"summary": "SUSE Bug 1222664",
"url": "https://bugzilla.suse.com/1222664"
},
{
"category": "self",
"summary": "SUSE Bug 1222666",
"url": "https://bugzilla.suse.com/1222666"
},
{
"category": "self",
"summary": "SUSE Bug 1222669",
"url": "https://bugzilla.suse.com/1222669"
},
{
"category": "self",
"summary": "SUSE Bug 1222671",
"url": "https://bugzilla.suse.com/1222671"
},
{
"category": "self",
"summary": "SUSE Bug 1222677",
"url": "https://bugzilla.suse.com/1222677"
},
{
"category": "self",
"summary": "SUSE Bug 1222706",
"url": "https://bugzilla.suse.com/1222706"
},
{
"category": "self",
"summary": "SUSE Bug 1222720",
"url": "https://bugzilla.suse.com/1222720"
},
{
"category": "self",
"summary": "SUSE Bug 1222765",
"url": "https://bugzilla.suse.com/1222765"
},
{
"category": "self",
"summary": "SUSE Bug 1222770",
"url": "https://bugzilla.suse.com/1222770"
},
{
"category": "self",
"summary": "SUSE Bug 1222772",
"url": "https://bugzilla.suse.com/1222772"
},
{
"category": "self",
"summary": "SUSE Bug 1222787",
"url": "https://bugzilla.suse.com/1222787"
},
{
"category": "self",
"summary": "SUSE Bug 1222790",
"url": "https://bugzilla.suse.com/1222790"
},
{
"category": "self",
"summary": "SUSE Bug 1222812",
"url": "https://bugzilla.suse.com/1222812"
},
{
"category": "self",
"summary": "SUSE Bug 1222836",
"url": "https://bugzilla.suse.com/1222836"
},
{
"category": "self",
"summary": "SUSE Bug 1222869",
"url": "https://bugzilla.suse.com/1222869"
},
{
"category": "self",
"summary": "SUSE Bug 1222876",
"url": "https://bugzilla.suse.com/1222876"
},
{
"category": "self",
"summary": "SUSE Bug 1222878",
"url": "https://bugzilla.suse.com/1222878"
},
{
"category": "self",
"summary": "SUSE Bug 1222881",
"url": "https://bugzilla.suse.com/1222881"
},
{
"category": "self",
"summary": "SUSE Bug 1222883",
"url": "https://bugzilla.suse.com/1222883"
},
{
"category": "self",
"summary": "SUSE Bug 1222888",
"url": "https://bugzilla.suse.com/1222888"
},
{
"category": "self",
"summary": "SUSE Bug 1222952",
"url": "https://bugzilla.suse.com/1222952"
},
{
"category": "self",
"summary": "SUSE Bug 1222961",
"url": "https://bugzilla.suse.com/1222961"
},
{
"category": "self",
"summary": "SUSE Bug 1222975",
"url": "https://bugzilla.suse.com/1222975"
},
{
"category": "self",
"summary": "SUSE Bug 1222976",
"url": "https://bugzilla.suse.com/1222976"
},
{
"category": "self",
"summary": "SUSE Bug 1223016",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "self",
"summary": "SUSE Bug 1223035",
"url": "https://bugzilla.suse.com/1223035"
},
{
"category": "self",
"summary": "SUSE Bug 1223049",
"url": "https://bugzilla.suse.com/1223049"
},
{
"category": "self",
"summary": "SUSE Bug 1223051",
"url": "https://bugzilla.suse.com/1223051"
},
{
"category": "self",
"summary": "SUSE Bug 1223057",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "self",
"summary": "SUSE Bug 1223058",
"url": "https://bugzilla.suse.com/1223058"
},
{
"category": "self",
"summary": "SUSE Bug 1223060",
"url": "https://bugzilla.suse.com/1223060"
},
{
"category": "self",
"summary": "SUSE Bug 1223187",
"url": "https://bugzilla.suse.com/1223187"
},
{
"category": "self",
"summary": "SUSE Bug 1223189",
"url": "https://bugzilla.suse.com/1223189"
},
{
"category": "self",
"summary": "SUSE Bug 1223198",
"url": "https://bugzilla.suse.com/1223198"
},
{
"category": "self",
"summary": "SUSE Bug 1223203",
"url": "https://bugzilla.suse.com/1223203"
},
{
"category": "self",
"summary": "SUSE Bug 1223315",
"url": "https://bugzilla.suse.com/1223315"
},
{
"category": "self",
"summary": "SUSE Bug 1223432",
"url": "https://bugzilla.suse.com/1223432"
},
{
"category": "self",
"summary": "SUSE Bug 1223509",
"url": "https://bugzilla.suse.com/1223509"
},
{
"category": "self",
"summary": "SUSE Bug 1223512",
"url": "https://bugzilla.suse.com/1223512"
},
{
"category": "self",
"summary": "SUSE Bug 1223513",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "self",
"summary": "SUSE Bug 1223516",
"url": "https://bugzilla.suse.com/1223516"
},
{
"category": "self",
"summary": "SUSE Bug 1223518",
"url": "https://bugzilla.suse.com/1223518"
},
{
"category": "self",
"summary": "SUSE Bug 1223626",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "self",
"summary": "SUSE Bug 1223627",
"url": "https://bugzilla.suse.com/1223627"
},
{
"category": "self",
"summary": "SUSE Bug 1223664",
"url": "https://bugzilla.suse.com/1223664"
},
{
"category": "self",
"summary": "SUSE Bug 1223686",
"url": "https://bugzilla.suse.com/1223686"
},
{
"category": "self",
"summary": "SUSE Bug 1223693",
"url": "https://bugzilla.suse.com/1223693"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223715",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "self",
"summary": "SUSE Bug 1223735",
"url": "https://bugzilla.suse.com/1223735"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223745",
"url": "https://bugzilla.suse.com/1223745"
},
{
"category": "self",
"summary": "SUSE Bug 1223770",
"url": "https://bugzilla.suse.com/1223770"
},
{
"category": "self",
"summary": "SUSE Bug 1223781",
"url": "https://bugzilla.suse.com/1223781"
},
{
"category": "self",
"summary": "SUSE Bug 1223819",
"url": "https://bugzilla.suse.com/1223819"
},
{
"category": "self",
"summary": "SUSE Bug 1223824",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "self",
"summary": "SUSE Bug 1223827",
"url": "https://bugzilla.suse.com/1223827"
},
{
"category": "self",
"summary": "SUSE Bug 1223837",
"url": "https://bugzilla.suse.com/1223837"
},
{
"category": "self",
"summary": "SUSE Bug 1223842",
"url": "https://bugzilla.suse.com/1223842"
},
{
"category": "self",
"summary": "SUSE Bug 1223843",
"url": "https://bugzilla.suse.com/1223843"
},
{
"category": "self",
"summary": "SUSE Bug 1223844",
"url": "https://bugzilla.suse.com/1223844"
},
{
"category": "self",
"summary": "SUSE Bug 1223883",
"url": "https://bugzilla.suse.com/1223883"
},
{
"category": "self",
"summary": "SUSE Bug 1223885",
"url": "https://bugzilla.suse.com/1223885"
},
{
"category": "self",
"summary": "SUSE Bug 1223921",
"url": "https://bugzilla.suse.com/1223921"
},
{
"category": "self",
"summary": "SUSE Bug 1223941",
"url": "https://bugzilla.suse.com/1223941"
},
{
"category": "self",
"summary": "SUSE Bug 1223952",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "self",
"summary": "SUSE Bug 1223953",
"url": "https://bugzilla.suse.com/1223953"
},
{
"category": "self",
"summary": "SUSE Bug 1223954",
"url": "https://bugzilla.suse.com/1223954"
},
{
"category": "self",
"summary": "SUSE Bug 1224785",
"url": "https://bugzilla.suse.com/1224785"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-25160 page",
"url": "https://www.suse.com/security/cve/CVE-2019-25160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36312 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23134 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46904 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46905 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46907 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46938 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46939 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46941 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46950 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46958 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46960 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46963 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46964 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46966 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46975 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46981 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46988 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46990 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46998 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47006 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47015 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47024 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47034 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47045 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47049 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47055 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47056 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47060 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47061 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47063 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47068 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47070 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47071 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47073 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47100 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47101 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47104 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47110 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47112 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47114 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47117 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47118 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47119 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47141 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47142 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47143 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47146 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47149 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47150 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47153 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47159 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47161 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47165 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47166 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47167 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47168 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47169 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47171 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47173 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47177 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47179 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47180 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47181 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47182 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47183 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47184 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47185 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47188 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47189 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47198 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47202 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47204 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47205 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47207 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47211 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47216 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47217 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0487 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48619 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48626 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48636 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48650 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48651 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48667 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48668 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48687 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48688 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48695 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48701 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28746 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-35827 page",
"url": "https://www.suse.com/security/cve/CVE-2023-35827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52454 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52469 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52470 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52474 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52476 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52477 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52486 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52488 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52509 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52524 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52528 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52575 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52583 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52587 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52595 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52598 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52607 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52607/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52614 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52620 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52628 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52635 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52639 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52644 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52646 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52650 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52652 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6356 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6535 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6536 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7192 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2201 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-22099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-22099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26642 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26651 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26671 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26675 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26689 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26704 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26743 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26744 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26747 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26754 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26771 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26772 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26773 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26778 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26779 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26793 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26816 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26839 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26859 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26907 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27043 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27046 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27075 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-05-30T14:27:09Z",
"generator": {
"date": "2024-05-30T14:27:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1870-1",
"initial_release_date": "2024-05-30T14:27:09Z",
"revision_history": [
{
"date": "2024-05-30T14:27:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.216.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.216.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.216.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.216.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.216.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.216.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.216.1.aarch64",
"product_id": "kernel-default-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.216.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.216.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-122.216.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.216.1.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.aarch64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-122.216.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.216.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.216.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-122.216.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.216.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.216.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.aarch64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.aarch64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.216.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.216.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-122.216.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.216.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.216.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.216.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.216.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.216.1.noarch",
"product_id": "kernel-devel-4.12.14-122.216.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-122.216.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-122.216.1.noarch",
"product_id": "kernel-docs-4.12.14-122.216.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-122.216.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-122.216.1.noarch",
"product_id": "kernel-docs-html-4.12.14-122.216.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.216.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.216.1.noarch",
"product_id": "kernel-macros-4.12.14-122.216.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.216.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.216.1.noarch",
"product_id": "kernel-source-4.12.14-122.216.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-122.216.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-122.216.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-122.216.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-debug-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-debug-kgraft-devel-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.ppc64le",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.216.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.216.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-122.216.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.216.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.216.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.216.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.216.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.216.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.216.1.s390x",
"product_id": "kernel-default-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.216.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.216.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-122.216.1.s390x",
"product_id": "kernel-default-extra-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.216.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.216.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-122.216.1.s390x",
"product_id": "kernel-obs-build-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-122.216.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.216.1.s390x",
"product_id": "kernel-syms-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-122.216.1.s390x",
"product_id": "kernel-vanilla-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.216.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.216.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.s390x",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-122.216.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-122.216.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-122.216.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.216.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.216.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-122.216.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.216.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.216.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.216.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-122.216.1.x86_64",
"product_id": "kernel-debug-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-122.216.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-122.216.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-122.216.1.x86_64",
"product_id": "kernel-debug-kgraft-devel-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.216.1.x86_64",
"product_id": "kernel-default-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.216.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.216.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-122.216.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-122.216.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-122.216.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-122.216.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.216.1.x86_64",
"product_id": "kernel-kvmsmall-kgraft-devel-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-122.216.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.216.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.216.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-122.216.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.216.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.216.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.x86_64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.x86_64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.216.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.216.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-122.216.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.216.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-122.216.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-122.216.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-obs-build-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.216.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.216.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.216.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.216.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.216.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.216.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.216.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.216.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.216.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.216.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.216.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.216.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.216.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.216.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.216.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.216.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.216.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.216.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.12.14-122.216.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
},
"product_reference": "kernel-default-extra-4.12.14-122.216.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-25160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: fix out-of-bounds memory accesses\n\nThere are two array out-of-bounds memory accesses, one in\ncipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both\nerrors are embarassingly simple, and the fixes are straightforward.\n\nAs a FYI for anyone backporting this patch to kernels prior to v4.8,\nyou\u0027ll want to apply the netlbl_bitmap_walk() patch to\ncipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn\u0027t exist before\nLinux v4.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-25160",
"url": "https://www.suse.com/security/cve/CVE-2019-25160"
},
{
"category": "external",
"summary": "SUSE Bug 1220394 for CVE-2019-25160",
"url": "https://bugzilla.suse.com/1220394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2019-25160"
},
{
"cve": "CVE-2020-36312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36312"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36312",
"url": "https://www.suse.com/security/cve/CVE-2020-36312"
},
{
"category": "external",
"summary": "SUSE Bug 1184509 for CVE-2020-36312",
"url": "https://bugzilla.suse.com/1184509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "low"
}
],
"title": "CVE-2020-36312"
},
{
"cve": "CVE-2021-23134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23134"
}
],
"notes": [
{
"category": "general",
"text": "Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23134",
"url": "https://www.suse.com/security/cve/CVE-2021-23134"
},
{
"category": "external",
"summary": "SUSE Bug 1186060 for CVE-2021-23134",
"url": "https://bugzilla.suse.com/1186060"
},
{
"category": "external",
"summary": "SUSE Bug 1186061 for CVE-2021-23134",
"url": "https://bugzilla.suse.com/1186061"
},
{
"category": "external",
"summary": "SUSE Bug 1220739 for CVE-2021-23134",
"url": "https://bugzilla.suse.com/1220739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2021-23134"
},
{
"cve": "CVE-2021-46904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hso: fix null-ptr-deref during tty device unregistration\n\nMultiple ttys try to claim the same the minor number causing a double\nunregistration of the same device. The first unregistration succeeds\nbut the next one results in a null-ptr-deref.\n\nThe get_free_serial_index() function returns an available minor number\nbut doesn\u0027t assign it immediately. The assignment is done by the caller\nlater. But before this assignment, calls to get_free_serial_index()\nwould return the same minor number.\n\nFix this by modifying get_free_serial_index to assign the minor number\nimmediately after one is found to be and rename it to obtain_minor()\nto better reflect what it does. Similary, rename set_serial_by_index()\nto release_minor() and modify it to free up the minor number of the\ngiven hso_serial. Every obtain_minor() should have corresponding\nrelease_minor() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46904",
"url": "https://www.suse.com/security/cve/CVE-2021-46904"
},
{
"category": "external",
"summary": "SUSE Bug 1220416 for CVE-2021-46904",
"url": "https://bugzilla.suse.com/1220416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46904"
},
{
"cve": "CVE-2021-46905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hso: fix NULL-deref on disconnect regression\n\nCommit 8a12f8836145 (\"net: hso: fix null-ptr-deref during tty device\nunregistration\") fixed the racy minor allocation reported by syzbot, but\nintroduced an unconditional NULL-pointer dereference on every disconnect\ninstead.\n\nSpecifically, the serial device table must no longer be accessed after\nthe minor has been released by hso_serial_tty_unregister().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46905",
"url": "https://www.suse.com/security/cve/CVE-2021-46905"
},
{
"category": "external",
"summary": "SUSE Bug 1220418 for CVE-2021-46905",
"url": "https://bugzilla.suse.com/1220418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46905"
},
{
"cve": "CVE-2021-46907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46907"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46907",
"url": "https://www.suse.com/security/cve/CVE-2021-46907"
},
{
"category": "external",
"summary": "SUSE Bug 1220422 for CVE-2021-46907",
"url": "https://bugzilla.suse.com/1220422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "not set"
}
],
"title": "CVE-2021-46907"
},
{
"cve": "CVE-2021-46909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: footbridge: fix PCI interrupt mapping\n\nSince commit 30fdfb929e82 (\"PCI: Add a call to pci_assign_irq() in\npci_device_probe()\"), the PCI code will call the IRQ mapping function\nwhenever a PCI driver is probed. If these are marked as __init, this\ncauses an oops if a PCI driver is loaded or bound after the kernel has\ninitialised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46909",
"url": "https://www.suse.com/security/cve/CVE-2021-46909"
},
{
"category": "external",
"summary": "SUSE Bug 1220442 for CVE-2021-46909",
"url": "https://bugzilla.suse.com/1220442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46909"
},
{
"cve": "CVE-2021-46938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm rq: fix double free of blk_mq_tag_set in dev remove after table load fails\n\nWhen loading a device-mapper table for a request-based mapped device,\nand the allocation/initialization of the blk_mq_tag_set for the device\nfails, a following device remove will cause a double free.\n\nE.g. (dmesg):\n device-mapper: core: Cannot initialize queue for request-based dm-mq mapped device\n device-mapper: ioctl: unable to set up device queue for new table.\n Unable to handle kernel pointer dereference in virtual kernel address space\n Failing address: 0305e098835de000 TEID: 0305e098835de803\n Fault in home space mode while using kernel ASCE.\n AS:000000025efe0007 R3:0000000000000024\n Oops: 0038 ilc:3 [#1] SMP\n Modules linked in: ... lots of modules ...\n Supported: Yes, External\n CPU: 0 PID: 7348 Comm: multipathd Kdump: loaded Tainted: G W X 5.3.18-53-default #1 SLE15-SP3\n Hardware name: IBM 8561 T01 7I2 (LPAR)\n Krnl PSW : 0704e00180000000 000000025e368eca (kfree+0x42/0x330)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\n Krnl GPRS: 000000000000004a 000000025efe5230 c1773200d779968d 0000000000000000\n 000000025e520270 000000025e8d1b40 0000000000000003 00000007aae10000\n 000000025e5202a2 0000000000000001 c1773200d779968d 0305e098835de640\n 00000007a8170000 000003ff80138650 000000025e5202a2 000003e00396faa8\n Krnl Code: 000000025e368eb8: c4180041e100 lgrl %r1,25eba50b8\n 000000025e368ebe: ecba06b93a55 risbg %r11,%r10,6,185,58\n #000000025e368ec4: e3b010000008 ag %r11,0(%r1)\n \u003e000000025e368eca: e310b0080004 lg %r1,8(%r11)\n 000000025e368ed0: a7110001 tmll %r1,1\n 000000025e368ed4: a7740129 brc 7,25e369126\n 000000025e368ed8: e320b0080004 lg %r2,8(%r11)\n 000000025e368ede: b904001b lgr %r1,%r11\n Call Trace:\n [\u003c000000025e368eca\u003e] kfree+0x42/0x330\n [\u003c000000025e5202a2\u003e] blk_mq_free_tag_set+0x72/0xb8\n [\u003c000003ff801316a8\u003e] dm_mq_cleanup_mapped_device+0x38/0x50 [dm_mod]\n [\u003c000003ff80120082\u003e] free_dev+0x52/0xd0 [dm_mod]\n [\u003c000003ff801233f0\u003e] __dm_destroy+0x150/0x1d0 [dm_mod]\n [\u003c000003ff8012bb9a\u003e] dev_remove+0x162/0x1c0 [dm_mod]\n [\u003c000003ff8012a988\u003e] ctl_ioctl+0x198/0x478 [dm_mod]\n [\u003c000003ff8012ac8a\u003e] dm_ctl_ioctl+0x22/0x38 [dm_mod]\n [\u003c000000025e3b11ee\u003e] ksys_ioctl+0xbe/0xe0\n [\u003c000000025e3b127a\u003e] __s390x_sys_ioctl+0x2a/0x40\n [\u003c000000025e8c15ac\u003e] system_call+0xd8/0x2c8\n Last Breaking-Event-Address:\n [\u003c000000025e52029c\u003e] blk_mq_free_tag_set+0x6c/0xb8\n Kernel panic - not syncing: Fatal exception: panic_on_oops\n\nWhen allocation/initialization of the blk_mq_tag_set fails in\ndm_mq_init_request_queue(), it is uninitialized/freed, but the pointer\nis not reset to NULL; so when dev_remove() later gets into\ndm_mq_cleanup_mapped_device() it sees the pointer and tries to\nuninitialize and free it again.\n\nFix this by setting the pointer to NULL in dm_mq_init_request_queue()\nerror-handling. Also set it to NULL in dm_mq_cleanup_mapped_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46938",
"url": "https://www.suse.com/security/cve/CVE-2021-46938"
},
{
"category": "external",
"summary": "SUSE Bug 1220554 for CVE-2021-46938",
"url": "https://bugzilla.suse.com/1220554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46938"
},
{
"cve": "CVE-2021-46939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46939"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Restructure trace_clock_global() to never block\n\nIt was reported that a fix to the ring buffer recursion detection would\ncause a hung machine when performing suspend / resume testing. The\nfollowing backtrace was extracted from debugging that case:\n\nCall Trace:\n trace_clock_global+0x91/0xa0\n __rb_reserve_next+0x237/0x460\n ring_buffer_lock_reserve+0x12a/0x3f0\n trace_buffer_lock_reserve+0x10/0x50\n __trace_graph_return+0x1f/0x80\n trace_graph_return+0xb7/0xf0\n ? trace_clock_global+0x91/0xa0\n ftrace_return_to_handler+0x8b/0xf0\n ? pv_hash+0xa0/0xa0\n return_to_handler+0x15/0x30\n ? ftrace_graph_caller+0xa0/0xa0\n ? trace_clock_global+0x91/0xa0\n ? __rb_reserve_next+0x237/0x460\n ? ring_buffer_lock_reserve+0x12a/0x3f0\n ? trace_event_buffer_lock_reserve+0x3c/0x120\n ? trace_event_buffer_reserve+0x6b/0xc0\n ? trace_event_raw_event_device_pm_callback_start+0x125/0x2d0\n ? dpm_run_callback+0x3b/0xc0\n ? pm_ops_is_empty+0x50/0x50\n ? platform_get_irq_byname_optional+0x90/0x90\n ? trace_device_pm_callback_start+0x82/0xd0\n ? dpm_run_callback+0x49/0xc0\n\nWith the following RIP:\n\nRIP: 0010:native_queued_spin_lock_slowpath+0x69/0x200\n\nSince the fix to the recursion detection would allow a single recursion to\nhappen while tracing, this lead to the trace_clock_global() taking a spin\nlock and then trying to take it again:\n\nring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* lock taken */\n (something else gets traced by function graph tracer)\n ring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* DEAD LOCK! */\n\nTracing should *never* block, as it can lead to strange lockups like the\nabove.\n\nRestructure the trace_clock_global() code to instead of simply taking a\nlock to update the recorded \"prev_time\" simply use it, as two events\nhappening on two different CPUs that calls this at the same time, really\ndoesn\u0027t matter which one goes first. Use a trylock to grab the lock for\nupdating the prev_time, and if it fails, simply try again the next time.\nIf it failed to be taken, that means something else is already updating\nit.\n\n\nBugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=212761",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46939",
"url": "https://www.suse.com/security/cve/CVE-2021-46939"
},
{
"category": "external",
"summary": "SUSE Bug 1220580 for CVE-2021-46939",
"url": "https://bugzilla.suse.com/1220580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46939"
},
{
"cve": "CVE-2021-46941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: core: Do core softreset when switch mode\n\n\nAccording to the programming guide, to switch mode for DRD controller,\nthe driver needs to do the following.\n\nTo switch from device to host:\n1. Reset controller with GCTL.CoreSoftReset\n2. Set GCTL.PrtCapDir(host mode)\n3. Reset the host with USBCMD.HCRESET\n4. Then follow up with the initializing host registers sequence\n\nTo switch from host to device:\n1. Reset controller with GCTL.CoreSoftReset\n2. Set GCTL.PrtCapDir(device mode)\n3. Reset the device with DCTL.CSftRst\n4. Then follow up with the initializing registers sequence\n\nCurrently we\u0027re missing step 1) to do GCTL.CoreSoftReset and step 3) of\nswitching from host to device. John Stult reported a lockup issue seen\nwith HiKey960 platform without these steps[1]. Similar issue is observed\nwith Ferry\u0027s testing platform[2].\n\nSo, apply the required steps along with some fixes to Yu Chen\u0027s and John\nStultz\u0027s version. The main fixes to their versions are the missing wait\nfor clocks synchronization before clearing GCTL.CoreSoftReset and only\napply DCTL.CSftRst when switching from host to device.\n\n[1] https://lore.kernel.org/linux-usb/20210108015115.27920-1-john.stultz@linaro.org/\n[2] https://lore.kernel.org/linux-usb/0ba7a6ba-e6a7-9cd4-0695-64fc927e01f1@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46941",
"url": "https://www.suse.com/security/cve/CVE-2021-46941"
},
{
"category": "external",
"summary": "SUSE Bug 1220628 for CVE-2021-46941",
"url": "https://bugzilla.suse.com/1220628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46941"
},
{
"cve": "CVE-2021-46950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: properly indicate failure when ending a failed write request\n\nThis patch addresses a data corruption bug in raid1 arrays using bitmaps.\nWithout this fix, the bitmap bits for the failed I/O end up being cleared.\n\nSince we are in the failure leg of raid1_end_write_request, the request\neither needs to be retried (R1BIO_WriteError) or failed (R1BIO_Degraded).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46950",
"url": "https://www.suse.com/security/cve/CVE-2021-46950"
},
{
"category": "external",
"summary": "SUSE Bug 1220662 for CVE-2021-46950",
"url": "https://bugzilla.suse.com/1220662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46950"
},
{
"cve": "CVE-2021-46958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between transaction aborts and fsyncs leading to use-after-free\n\nThere is a race between a task aborting a transaction during a commit,\na task doing an fsync and the transaction kthread, which leads to an\nuse-after-free of the log root tree. When this happens, it results in a\nstack trace like the following:\n\n BTRFS info (device dm-0): forced readonly\n BTRFS warning (device dm-0): Skipping commit of aborted transaction.\n BTRFS: error (device dm-0) in cleanup_transaction:1958: errno=-5 IO failure\n BTRFS warning (device dm-0): lost page write due to IO error on /dev/mapper/error-test (-5)\n BTRFS warning (device dm-0): Skipping commit of aborted transaction.\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0xa4e8 len 4096 err no 10\n BTRFS error (device dm-0): error writing primary super block to device 1\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e000 len 4096 err no 10\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e008 len 4096 err no 10\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e010 len 4096 err no 10\n BTRFS: error (device dm-0) in write_all_supers:4110: errno=-5 IO failure (1 errors while writing supers)\n BTRFS: error (device dm-0) in btrfs_sync_log:3308: errno=-5 IO failure\n general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b68: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC PTI\n CPU: 2 PID: 2458471 Comm: fsstress Not tainted 5.12.0-rc5-btrfs-next-84 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__mutex_lock+0x139/0xa40\n Code: c0 74 19 (...)\n RSP: 0018:ffff9f18830d7b00 EFLAGS: 00010202\n RAX: 6b6b6b6b6b6b6b68 RBX: 0000000000000001 RCX: 0000000000000002\n RDX: ffffffffb9c54d13 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffff9f18830d7bc0 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff9f18830d7be0 R11: 0000000000000001 R12: ffff8c6cd199c040\n R13: ffff8c6c95821358 R14: 00000000fffffffb R15: ffff8c6cbcf01358\n FS: 00007fa9140c2b80(0000) GS:ffff8c6fac600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fa913d52000 CR3: 000000013d2b4003 CR4: 0000000000370ee0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n ? __btrfs_handle_fs_error+0xde/0x146 [btrfs]\n ? btrfs_sync_log+0x7c1/0xf20 [btrfs]\n ? btrfs_sync_log+0x7c1/0xf20 [btrfs]\n btrfs_sync_log+0x7c1/0xf20 [btrfs]\n btrfs_sync_file+0x40c/0x580 [btrfs]\n do_fsync+0x38/0x70\n __x64_sys_fsync+0x10/0x20\n do_syscall_64+0x33/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7fa9142a55c3\n Code: 8b 15 09 (...)\n RSP: 002b:00007fff26278d48 EFLAGS: 00000246 ORIG_RAX: 000000000000004a\n RAX: ffffffffffffffda RBX: 0000563c83cb4560 RCX: 00007fa9142a55c3\n RDX: 00007fff26278cb0 RSI: 00007fff26278cb0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 0000000000000001 R09: 00007fff26278d5c\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000340\n R13: 00007fff26278de0 R14: 00007fff26278d96 R15: 0000563c83ca57c0\n Modules linked in: btrfs dm_zero dm_snapshot dm_thin_pool (...)\n ---[ end trace ee2f1b19327d791d ]---\n\nThe steps that lead to this crash are the following:\n\n1) We are at transaction N;\n\n2) We have two tasks with a transaction handle attached to transaction N.\n Task A and Task B. Task B is doing an fsync;\n\n3) Task B is at btrfs_sync_log(), and has saved fs_info-\u003elog_root_tree\n into a local variable named \u0027log_root_tree\u0027 at the top of\n btrfs_sync_log(). Task B is about to call write_all_supers(), but\n before that...\n\n4) Task A calls btrfs_commit_transaction(), and after it sets the\n transaction state to TRANS_STATE_COMMIT_START, an error happens before\n it w\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46958",
"url": "https://www.suse.com/security/cve/CVE-2021-46958"
},
{
"category": "external",
"summary": "SUSE Bug 1220521 for CVE-2021-46958",
"url": "https://bugzilla.suse.com/1220521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46958"
},
{
"cve": "CVE-2021-46960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Return correct error code from smb2_get_enc_key\n\nAvoid a warning if the error percolates back up:\n\n[440700.376476] CIFS VFS: \\\\otters.example.com crypt_message: Could not get encryption key\n[440700.386947] ------------[ cut here ]------------\n[440700.386948] err = 1\n[440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70\n...\n[440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu\n...\n[440700.397334] Call Trace:\n[440700.397346] __filemap_set_wb_err+0x1a/0x70\n[440700.397419] cifs_writepages+0x9c7/0xb30 [cifs]\n[440700.397426] do_writepages+0x4b/0xe0\n[440700.397444] __filemap_fdatawrite_range+0xcb/0x100\n[440700.397455] filemap_write_and_wait+0x42/0xa0\n[440700.397486] cifs_setattr+0x68b/0xf30 [cifs]\n[440700.397493] notify_change+0x358/0x4a0\n[440700.397500] utimes_common+0xe9/0x1c0\n[440700.397510] do_utimes+0xc5/0x150\n[440700.397520] __x64_sys_utimensat+0x88/0xd0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46960",
"url": "https://www.suse.com/security/cve/CVE-2021-46960"
},
{
"category": "external",
"summary": "SUSE Bug 1220528 for CVE-2021-46960",
"url": "https://bugzilla.suse.com/1220528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46960"
},
{
"cve": "CVE-2021-46963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()\n\n RIP: 0010:kmem_cache_free+0xfa/0x1b0\n Call Trace:\n qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx]\n scsi_queue_rq+0x5e2/0xa40\n __blk_mq_try_issue_directly+0x128/0x1d0\n blk_mq_request_issue_directly+0x4e/0xb0\n\nFix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now\nallocated by upper layers. This fixes smatch warning of srb unintended\nfree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46963",
"url": "https://www.suse.com/security/cve/CVE-2021-46963"
},
{
"category": "external",
"summary": "SUSE Bug 1220536 for CVE-2021-46963",
"url": "https://bugzilla.suse.com/1220536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46963"
},
{
"cve": "CVE-2021-46964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Reserve extra IRQ vectors\n\nCommit a6dcfe08487e (\"scsi: qla2xxx: Limit interrupt vectors to number of\nCPUs\") lowers the number of allocated MSI-X vectors to the number of CPUs.\n\nThat breaks vector allocation assumptions in qla83xx_iospace_config(),\nqla24xx_enable_msix() and qla2x00_iospace_config(). Either of the functions\ncomputes maximum number of qpairs as:\n\n ha-\u003emax_qpairs = ha-\u003emsix_count - 1 (MB interrupt) - 1 (default\n response queue) - 1 (ATIO, in dual or pure target mode)\n\nmax_qpairs is set to zero in case of two CPUs and initiator mode. The\nnumber is then used to allocate ha-\u003equeue_pair_map inside\nqla2x00_alloc_queues(). No allocation happens and ha-\u003equeue_pair_map is\nleft NULL but the driver thinks there are queue pairs available.\n\nqla2xxx_queuecommand() tries to find a qpair in the map and crashes:\n\n if (ha-\u003emqenable) {\n uint32_t tag;\n uint16_t hwq;\n struct qla_qpair *qpair = NULL;\n\n tag = blk_mq_unique_tag(cmd-\u003erequest);\n hwq = blk_mq_unique_tag_to_hwq(tag);\n qpair = ha-\u003equeue_pair_map[hwq]; # \u003c- HERE\n\n if (qpair)\n return qla2xxx_mqueuecommand(host, cmd, qpair);\n }\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP PTI\n CPU: 0 PID: 72 Comm: kworker/u4:3 Tainted: G W 5.10.0-rc1+ #25\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014\n Workqueue: scsi_wq_7 fc_scsi_scan_rport [scsi_transport_fc]\n RIP: 0010:qla2xxx_queuecommand+0x16b/0x3f0 [qla2xxx]\n Call Trace:\n scsi_queue_rq+0x58c/0xa60\n blk_mq_dispatch_rq_list+0x2b7/0x6f0\n ? __sbitmap_get_word+0x2a/0x80\n __blk_mq_sched_dispatch_requests+0xb8/0x170\n blk_mq_sched_dispatch_requests+0x2b/0x50\n __blk_mq_run_hw_queue+0x49/0xb0\n __blk_mq_delay_run_hw_queue+0xfb/0x150\n blk_mq_sched_insert_request+0xbe/0x110\n blk_execute_rq+0x45/0x70\n __scsi_execute+0x10e/0x250\n scsi_probe_and_add_lun+0x228/0xda0\n __scsi_scan_target+0xf4/0x620\n ? __pm_runtime_resume+0x4f/0x70\n scsi_scan_target+0x100/0x110\n fc_scsi_scan_rport+0xa1/0xb0 [scsi_transport_fc]\n process_one_work+0x1ea/0x3b0\n worker_thread+0x28/0x3b0\n ? process_one_work+0x3b0/0x3b0\n kthread+0x112/0x130\n ? kthread_park+0x80/0x80\n ret_from_fork+0x22/0x30\n\nThe driver should allocate enough vectors to provide every CPU it\u0027s own HW\nqueue and still handle reserved (MB, RSP, ATIO) interrupts.\n\nThe change fixes the crash on dual core VM and prevents unbalanced QP\nallocation where nr_hw_queues is two less than the number of CPUs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46964",
"url": "https://www.suse.com/security/cve/CVE-2021-46964"
},
{
"category": "external",
"summary": "SUSE Bug 1220538 for CVE-2021-46964",
"url": "https://bugzilla.suse.com/1220538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46964"
},
{
"cve": "CVE-2021-46966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: custom_method: fix potential use-after-free issue\n\nIn cm_write(), buf is always freed when reaching the end of the\nfunction. If the requested count is less than table.length, the\nallocated buffer will be freed but subsequent calls to cm_write() will\nstill try to access it.\n\nRemove the unconditional kfree(buf) at the end of the function and\nset the buf to NULL in the -EINVAL error path to match the rest of\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46966",
"url": "https://www.suse.com/security/cve/CVE-2021-46966"
},
{
"category": "external",
"summary": "SUSE Bug 1220572 for CVE-2021-46966",
"url": "https://bugzilla.suse.com/1220572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46966"
},
{
"cve": "CVE-2021-46975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46975"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46975",
"url": "https://www.suse.com/security/cve/CVE-2021-46975"
},
{
"category": "external",
"summary": "SUSE Bug 1220505 for CVE-2021-46975",
"url": "https://bugzilla.suse.com/1220505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "low"
}
],
"title": "CVE-2021-46975"
},
{
"cve": "CVE-2021-46981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: Fix NULL pointer in flush_workqueue\n\nOpen /dev/nbdX first, the config_refs will be 1 and\nthe pointers in nbd_device are still null. Disconnect\n/dev/nbdX, then reference a null recv_workq. The\nprotection by config_refs in nbd_genl_disconnect is useless.\n\n[ 656.366194] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 656.368943] #PF: supervisor write access in kernel mode\n[ 656.369844] #PF: error_code(0x0002) - not-present page\n[ 656.370717] PGD 10cc87067 P4D 10cc87067 PUD 1074b4067 PMD 0\n[ 656.371693] Oops: 0002 [#1] SMP\n[ 656.372242] CPU: 5 PID: 7977 Comm: nbd-client Not tainted 5.11.0-rc5-00040-g76c057c84d28 #1\n[ 656.373661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014\n[ 656.375904] RIP: 0010:mutex_lock+0x29/0x60\n[ 656.376627] Code: 00 0f 1f 44 00 00 55 48 89 fd 48 83 05 6f d7 fe 08 01 e8 7a c3 ff ff 48 83 05 6a d7 fe 08 01 31 c0 65 48 8b 14 25 00 6d 01 00 \u003cf0\u003e 48 0f b1 55 d\n[ 656.378934] RSP: 0018:ffffc900005eb9b0 EFLAGS: 00010246\n[ 656.379350] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[ 656.379915] RDX: ffff888104cf2600 RSI: ffffffffaae8f452 RDI: 0000000000000020\n[ 656.380473] RBP: 0000000000000020 R08: 0000000000000000 R09: ffff88813bd6b318\n[ 656.381039] R10: 00000000000000c7 R11: fefefefefefefeff R12: ffff888102710b40\n[ 656.381599] R13: ffffc900005eb9e0 R14: ffffffffb2930680 R15: ffff88810770ef00\n[ 656.382166] FS: 00007fdf117ebb40(0000) GS:ffff88813bd40000(0000) knlGS:0000000000000000\n[ 656.382806] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 656.383261] CR2: 0000000000000020 CR3: 0000000100c84000 CR4: 00000000000006e0\n[ 656.383819] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 656.384370] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 656.384927] Call Trace:\n[ 656.385111] flush_workqueue+0x92/0x6c0\n[ 656.385395] nbd_disconnect_and_put+0x81/0xd0\n[ 656.385716] nbd_genl_disconnect+0x125/0x2a0\n[ 656.386034] genl_family_rcv_msg_doit.isra.0+0x102/0x1b0\n[ 656.386422] genl_rcv_msg+0xfc/0x2b0\n[ 656.386685] ? nbd_ioctl+0x490/0x490\n[ 656.386954] ? genl_family_rcv_msg_doit.isra.0+0x1b0/0x1b0\n[ 656.387354] netlink_rcv_skb+0x62/0x180\n[ 656.387638] genl_rcv+0x34/0x60\n[ 656.387874] netlink_unicast+0x26d/0x590\n[ 656.388162] netlink_sendmsg+0x398/0x6c0\n[ 656.388451] ? netlink_rcv_skb+0x180/0x180\n[ 656.388750] ____sys_sendmsg+0x1da/0x320\n[ 656.389038] ? ____sys_recvmsg+0x130/0x220\n[ 656.389334] ___sys_sendmsg+0x8e/0xf0\n[ 656.389605] ? ___sys_recvmsg+0xa2/0xf0\n[ 656.389889] ? handle_mm_fault+0x1671/0x21d0\n[ 656.390201] __sys_sendmsg+0x6d/0xe0\n[ 656.390464] __x64_sys_sendmsg+0x23/0x30\n[ 656.390751] do_syscall_64+0x45/0x70\n[ 656.391017] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nTo fix it, just add if (nbd-\u003erecv_workq) to nbd_disconnect_and_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46981",
"url": "https://www.suse.com/security/cve/CVE-2021-46981"
},
{
"category": "external",
"summary": "SUSE Bug 1220611 for CVE-2021-46981",
"url": "https://bugzilla.suse.com/1220611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46981"
},
{
"cve": "CVE-2021-46988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: release page in error path to avoid BUG_ON\n\nConsider the following sequence of events:\n\n1. Userspace issues a UFFD ioctl, which ends up calling into\n shmem_mfill_atomic_pte(). We successfully account the blocks, we\n shmem_alloc_page(), but then the copy_from_user() fails. We return\n -ENOENT. We don\u0027t release the page we allocated.\n2. Our caller detects this error code, tries the copy_from_user() after\n dropping the mmap_lock, and retries, calling back into\n shmem_mfill_atomic_pte().\n3. Meanwhile, let\u0027s say another process filled up the tmpfs being used.\n4. So shmem_mfill_atomic_pte() fails to account blocks this time, and\n immediately returns - without releasing the page.\n\nThis triggers a BUG_ON in our caller, which asserts that the page\nshould always be consumed, unless -ENOENT is returned.\n\nTo fix this, detect if we have such a \"dangling\" page when accounting\nfails, and if so, release it before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46988",
"url": "https://www.suse.com/security/cve/CVE-2021-46988"
},
{
"category": "external",
"summary": "SUSE Bug 1220706 for CVE-2021-46988",
"url": "https://bugzilla.suse.com/1220706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46988"
},
{
"cve": "CVE-2021-46990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix crashes when toggling entry flush barrier\n\nThe entry flush mitigation can be enabled/disabled at runtime via a\ndebugfs file (entry_flush), which causes the kernel to patch itself to\nenable/disable the relevant mitigations.\n\nHowever depending on which mitigation we\u0027re using, it may not be safe to\ndo that patching while other CPUs are active. For example the following\ncrash:\n\n sleeper[15639]: segfault (11) at c000000000004c20 nip c000000000004c20 lr c000000000004c20\n\nShows that we returned to userspace with a corrupted LR that points into\nthe kernel, due to executing the partially patched call to the fallback\nentry flush (ie. we missed the LR restore).\n\nFix it by doing the patching under stop machine. The CPUs that aren\u0027t\ndoing the patching will be spinning in the core of the stop machine\nlogic. That is currently sufficient for our purposes, because none of\nthe patching we do is to that code or anywhere in the vicinity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46990",
"url": "https://www.suse.com/security/cve/CVE-2021-46990"
},
{
"category": "external",
"summary": "SUSE Bug 1220743 for CVE-2021-46990",
"url": "https://bugzilla.suse.com/1220743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46990"
},
{
"cve": "CVE-2021-46998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet:enic: Fix a use after free bug in enic_hard_start_xmit\n\nIn enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside\nenic_queue_wq_skb, if some error happens, the skb will be freed\nby dev_kfree_skb(skb). But the freed skb is still used in\nskb_tx_timestamp(skb).\n\nMy patch makes enic_queue_wq_skb() return error and goto spin_unlock()\nincase of error. The solution is provided by Govind.\nSee https://lkml.org/lkml/2021/4/30/961.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46998",
"url": "https://www.suse.com/security/cve/CVE-2021-46998"
},
{
"category": "external",
"summary": "SUSE Bug 1220625 for CVE-2021-46998",
"url": "https://bugzilla.suse.com/1220625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-46998"
},
{
"cve": "CVE-2021-47006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9064/1: hw_breakpoint: Do not directly check the event\u0027s overflow_handler hook\n\nThe commit 1879445dfa7b (\"perf/core: Set event\u0027s default\n::overflow_handler()\") set a default event-\u003eoverflow_handler in\nperf_event_alloc(), and replace the check event-\u003eoverflow_handler with\nis_default_overflow_handler(), but one is missing.\n\nCurrently, the bp-\u003eoverflow_handler can not be NULL. As a result,\nenable_single_step() is always not invoked.\n\nComments from Zhen Lei:\n\n https://patchwork.kernel.org/project/linux-arm-kernel/patch/20210207105934.2001-1-thunder.leizhen@huawei.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47006",
"url": "https://www.suse.com/security/cve/CVE-2021-47006"
},
{
"category": "external",
"summary": "SUSE Bug 1220751 for CVE-2021-47006",
"url": "https://bugzilla.suse.com/1220751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47006"
},
{
"cve": "CVE-2021-47015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix RX consumer index logic in the error path.\n\nIn bnxt_rx_pkt(), the RX buffers are expected to complete in order.\nIf the RX consumer index indicates an out of order buffer completion,\nit means we are hitting a hardware bug and the driver will abort all\nremaining RX packets and reset the RX ring. The RX consumer index\nthat we pass to bnxt_discard_rx() is not correct. We should be\npassing the current index (tmp_raw_cons) instead of the old index\n(raw_cons). This bug can cause us to be at the wrong index when\ntrying to abort the next RX packet. It can crash like this:\n\n #0 [ffff9bbcdf5c39a8] machine_kexec at ffffffff9b05e007\n #1 [ffff9bbcdf5c3a00] __crash_kexec at ffffffff9b111232\n #2 [ffff9bbcdf5c3ad0] panic at ffffffff9b07d61e\n #3 [ffff9bbcdf5c3b50] oops_end at ffffffff9b030978\n #4 [ffff9bbcdf5c3b78] no_context at ffffffff9b06aaf0\n #5 [ffff9bbcdf5c3bd8] __bad_area_nosemaphore at ffffffff9b06ae2e\n #6 [ffff9bbcdf5c3c28] bad_area_nosemaphore at ffffffff9b06af24\n #7 [ffff9bbcdf5c3c38] __do_page_fault at ffffffff9b06b67e\n #8 [ffff9bbcdf5c3cb0] do_page_fault at ffffffff9b06bb12\n #9 [ffff9bbcdf5c3ce0] page_fault at ffffffff9bc015c5\n [exception RIP: bnxt_rx_pkt+237]\n RIP: ffffffffc0259cdd RSP: ffff9bbcdf5c3d98 RFLAGS: 00010213\n RAX: 000000005dd8097f RBX: ffff9ba4cb11b7e0 RCX: ffffa923cf6e9000\n RDX: 0000000000000fff RSI: 0000000000000627 RDI: 0000000000001000\n RBP: ffff9bbcdf5c3e60 R8: 0000000000420003 R9: 000000000000020d\n R10: ffffa923cf6ec138 R11: ffff9bbcdf5c3e83 R12: ffff9ba4d6f928c0\n R13: ffff9ba4cac28080 R14: ffff9ba4cb11b7f0 R15: ffff9ba4d5a30000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47015",
"url": "https://www.suse.com/security/cve/CVE-2021-47015"
},
{
"category": "external",
"summary": "SUSE Bug 1220794 for CVE-2021-47015",
"url": "https://bugzilla.suse.com/1220794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47015"
},
{
"cve": "CVE-2021-47024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: free queued packets when closing socket\n\nAs reported by syzbot [1], there is a memory leak while closing the\nsocket. We partially solved this issue with commit ac03046ece2b\n(\"vsock/virtio: free packets during the socket release\"), but we\nforgot to drain the RX queue when the socket is definitely closed by\nthe scheduled work.\n\nTo avoid future issues, let\u0027s use the new virtio_transport_remove_sock()\nto drain the RX queue before removing the socket from the af_vsock lists\ncalling vsock_remove_sock().\n\n[1] https://syzkaller.appspot.com/bug?extid=24452624fc4c571eedd9",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47024",
"url": "https://www.suse.com/security/cve/CVE-2021-47024"
},
{
"category": "external",
"summary": "SUSE Bug 1220637 for CVE-2021-47024",
"url": "https://bugzilla.suse.com/1220637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47024"
},
{
"cve": "CVE-2021-47034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix pte update for kernel memory on radix\n\nWhen adding a PTE a ptesync is needed to order the update of the PTE\nwith subsequent accesses otherwise a spurious fault may be raised.\n\nradix__set_pte_at() does not do this for performance gains. For\nnon-kernel memory this is not an issue as any faults of this kind are\ncorrected by the page fault handler. For kernel memory these faults\nare not handled. The current solution is that there is a ptesync in\nflush_cache_vmap() which should be called when mapping from the\nvmalloc region.\n\nHowever, map_kernel_page() does not call flush_cache_vmap(). This is\ntroublesome in particular for code patching with Strict RWX on radix.\nIn do_patch_instruction() the page frame that contains the instruction\nto be patched is mapped and then immediately patched. With no ordering\nor synchronization between setting up the PTE and writing to the page\nit is possible for faults.\n\nAs the code patching is done using __put_user_asm_goto() the resulting\nfault is obscured - but using a normal store instead it can be seen:\n\n BUG: Unable to handle kernel data access on write at 0xc008000008f24a3c\n Faulting instruction address: 0xc00000000008bd74\n Oops: Kernel access of bad area, sig: 11 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in: nop_module(PO+) [last unloaded: nop_module]\n CPU: 4 PID: 757 Comm: sh Tainted: P O 5.10.0-rc5-01361-ge3c1b78c8440-dirty #43\n NIP: c00000000008bd74 LR: c00000000008bd50 CTR: c000000000025810\n REGS: c000000016f634a0 TRAP: 0300 Tainted: P O (5.10.0-rc5-01361-ge3c1b78c8440-dirty)\n MSR: 9000000000009033 \u003cSF,HV,EE,ME,IR,DR,RI,LE\u003e CR: 44002884 XER: 00000000\n CFAR: c00000000007c68c DAR: c008000008f24a3c DSISR: 42000000 IRQMASK: 1\n\nThis results in the kind of issue reported here:\n https://lore.kernel.org/linuxppc-dev/15AC5B0E-A221-4B8C-9039-FA96B8EF7C88@lca.pw/\n\nChris Riedl suggested a reliable way to reproduce the issue:\n $ mount -t debugfs none /sys/kernel/debug\n $ (while true; do echo function \u003e /sys/kernel/debug/tracing/current_tracer ; echo nop \u003e /sys/kernel/debug/tracing/current_tracer ; done) \u0026\n\nTurning ftrace on and off does a large amount of code patching which\nin usually less then 5min will crash giving a trace like:\n\n ftrace-powerpc: (____ptrval____): replaced (4b473b11) != old (60000000)\n ------------[ ftrace bug ]------------\n ftrace failed to modify\n [\u003cc000000000bf8e5c\u003e] napi_busy_loop+0xc/0x390\n actual: 11:3b:47:4b\n Setting ftrace call site to call ftrace function\n ftrace record flags: 80000001\n (1)\n expected tramp: c00000000006c96c\n ------------[ cut here ]------------\n WARNING: CPU: 4 PID: 809 at kernel/trace/ftrace.c:2065 ftrace_bug+0x28c/0x2e8\n Modules linked in: nop_module(PO-) [last unloaded: nop_module]\n CPU: 4 PID: 809 Comm: sh Tainted: P O 5.10.0-rc5-01360-gf878ccaf250a #1\n NIP: c00000000024f334 LR: c00000000024f330 CTR: c0000000001a5af0\n REGS: c000000004c8b760 TRAP: 0700 Tainted: P O (5.10.0-rc5-01360-gf878ccaf250a)\n MSR: 900000000282b033 \u003cSF,HV,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 28008848 XER: 20040000\n CFAR: c0000000001a9c98 IRQMASK: 0\n GPR00: c00000000024f330 c000000004c8b9f0 c000000002770600 0000000000000022\n GPR04: 00000000ffff7fff c000000004c8b6d0 0000000000000027 c0000007fe9bcdd8\n GPR08: 0000000000000023 ffffffffffffffd8 0000000000000027 c000000002613118\n GPR12: 0000000000008000 c0000007fffdca00 0000000000000000 0000000000000000\n GPR16: 0000000023ec37c5 0000000000000000 0000000000000000 0000000000000008\n GPR20: c000000004c8bc90 c0000000027a2d20 c000000004c8bcd0 c000000002612fe8\n GPR24: 0000000000000038 0000000000000030 0000000000000028 0000000000000020\n GPR28: c000000000ff1b68 c000000000bf8e5c c00000000312f700 c000000000fbb9b0\n NIP ftrace_bug+0x28c/0x2e8\n LR ftrace_bug+0x288/0x2e8\n Call T\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47034",
"url": "https://www.suse.com/security/cve/CVE-2021-47034"
},
{
"category": "external",
"summary": "SUSE Bug 1220687 for CVE-2021-47034",
"url": "https://bugzilla.suse.com/1220687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47034"
},
{
"cve": "CVE-2021-47045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()\n\nIt is possible to call lpfc_issue_els_plogi() passing a did for which no\nmatching ndlp is found. A call is then made to lpfc_prep_els_iocb() with a\nnull pointer to a lpfc_nodelist structure resulting in a null pointer\ndereference.\n\nFix by returning an error status if no valid ndlp is found. Fix up comments\nregarding ndlp reference counting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47045",
"url": "https://www.suse.com/security/cve/CVE-2021-47045"
},
{
"category": "external",
"summary": "SUSE Bug 1220640 for CVE-2021-47045",
"url": "https://bugzilla.suse.com/1220640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47045"
},
{
"cve": "CVE-2021-47049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Use after free in __vmbus_open()\n\nThe \"open_info\" variable is added to the \u0026vmbus_connection.chn_msg_list,\nbut the error handling frees \"open_info\" without removing it from the\nlist. This will result in a use after free. First remove it from the\nlist, and then free it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47049",
"url": "https://www.suse.com/security/cve/CVE-2021-47049"
},
{
"category": "external",
"summary": "SUSE Bug 1220692 for CVE-2021-47049",
"url": "https://bugzilla.suse.com/1220692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47049"
},
{
"cve": "CVE-2021-47055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: require write permissions for locking and badblock ioctls\n\nMEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require\nwrite permission. Depending on the hardware MEMLOCK might even be\nwrite-once, e.g. for SPI-NOR flashes with their WP# tied to GND. OTPLOCK\nis always write-once.\n\nMEMSETBADBLOCK modifies the bad block table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47055",
"url": "https://www.suse.com/security/cve/CVE-2021-47055"
},
{
"category": "external",
"summary": "SUSE Bug 1220768 for CVE-2021-47055",
"url": "https://bugzilla.suse.com/1220768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47055"
},
{
"cve": "CVE-2021-47056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init\n\nADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown()\nbefore calling adf_iov_putmsg()-\u003emutex_lock(vf2pf_lock), however the\nvf2pf_lock is initialized in adf_dev_init(), which can fail and when it\nfail, the vf2pf_lock is either not initialized or destroyed, a subsequent\nuse of vf2pf_lock will cause issue.\nTo fix this issue, only set this flag if adf_dev_init() returns 0.\n\n[ 7.178404] BUG: KASAN: user-memory-access in __mutex_lock.isra.0+0x1ac/0x7c0\n[ 7.180345] Call Trace:\n[ 7.182576] mutex_lock+0xc9/0xd0\n[ 7.183257] adf_iov_putmsg+0x118/0x1a0 [intel_qat]\n[ 7.183541] adf_vf2pf_shutdown+0x4d/0x7b [intel_qat]\n[ 7.183834] adf_dev_shutdown+0x172/0x2b0 [intel_qat]\n[ 7.184127] adf_probe+0x5e9/0x600 [qat_dh895xccvf]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47056",
"url": "https://www.suse.com/security/cve/CVE-2021-47056"
},
{
"category": "external",
"summary": "SUSE Bug 1220769 for CVE-2021-47056",
"url": "https://bugzilla.suse.com/1220769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47056"
},
{
"cve": "CVE-2021-47060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Stop looking for coalesced MMIO zones if the bus is destroyed\n\nAbort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev()\nfails to allocate memory for the new instance of the bus. If it can\u0027t\ninstantiate a new bus, unregister_dev() destroys all devices _except_ the\ntarget device. But, it doesn\u0027t tell the caller that it obliterated the\nbus and invoked the destructor for all devices that were on the bus. In\nthe coalesced MMIO case, this can result in a deleted list entry\ndereference due to attempting to continue iterating on coalesced_zones\nafter future entries (in the walk) have been deleted.\n\nOpportunistically add curly braces to the for-loop, which encompasses\nmany lines but sneaks by without braces due to the guts being a single\nif statement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47060",
"url": "https://www.suse.com/security/cve/CVE-2021-47060"
},
{
"category": "external",
"summary": "SUSE Bug 1220742 for CVE-2021-47060",
"url": "https://bugzilla.suse.com/1220742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47060"
},
{
"cve": "CVE-2021-47061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Destroy I/O bus devices on unregister failure _after_ sync\u0027ing SRCU\n\nIf allocating a new instance of an I/O bus fails when unregistering a\ndevice, wait to destroy the device until after all readers are guaranteed\nto see the new null bus. Destroying devices before the bus is nullified\ncould lead to use-after-free since readers expect the devices on their\nreference of the bus to remain valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47061",
"url": "https://www.suse.com/security/cve/CVE-2021-47061"
},
{
"category": "external",
"summary": "SUSE Bug 1220745 for CVE-2021-47061",
"url": "https://bugzilla.suse.com/1220745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47061"
},
{
"cve": "CVE-2021-47063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge/panel: Cleanup connector on bridge detach\n\nIf we don\u0027t call drm_connector_cleanup() manually in\npanel_bridge_detach(), the connector will be cleaned up with the other\nDRM objects in the call to drm_mode_config_cleanup(). However, since our\ndrm_connector is devm-allocated, by the time drm_mode_config_cleanup()\nwill be called, our connector will be long gone. Therefore, the\nconnector must be cleaned up when the bridge is detached to avoid\nuse-after-free conditions.\n\nv2: Cleanup connector only if it was created\n\nv3: Add FIXME\n\nv4: (Use connector-\u003edev) directly in if() block",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47063",
"url": "https://www.suse.com/security/cve/CVE-2021-47063"
},
{
"category": "external",
"summary": "SUSE Bug 1220777 for CVE-2021-47063",
"url": "https://bugzilla.suse.com/1220777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47063"
},
{
"cve": "CVE-2021-47068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/nfc: fix use-after-free llcp_sock_bind/connect\n\nCommits 8a4cd82d (\"nfc: fix refcount leak in llcp_sock_connect()\")\nand c33b1cc62 (\"nfc: fix refcount leak in llcp_sock_bind()\")\nfixed a refcount leak bug in bind/connect but introduced a\nuse-after-free if the same local is assigned to 2 different sockets.\n\nThis can be triggered by the following simple program:\n int sock1 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP );\n int sock2 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP );\n memset( \u0026addr, 0, sizeof(struct sockaddr_nfc_llcp) );\n addr.sa_family = AF_NFC;\n addr.nfc_protocol = NFC_PROTO_NFC_DEP;\n bind( sock1, (struct sockaddr*) \u0026addr, sizeof(struct sockaddr_nfc_llcp) )\n bind( sock2, (struct sockaddr*) \u0026addr, sizeof(struct sockaddr_nfc_llcp) )\n close(sock1);\n close(sock2);\n\nFix this by assigning NULL to llcp_sock-\u003elocal after calling\nnfc_llcp_local_put.\n\nThis addresses CVE-2021-23134.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47068",
"url": "https://www.suse.com/security/cve/CVE-2021-47068"
},
{
"category": "external",
"summary": "SUSE Bug 1220739 for CVE-2021-47068",
"url": "https://bugzilla.suse.com/1220739"
},
{
"category": "external",
"summary": "SUSE Bug 1221130 for CVE-2021-47068",
"url": "https://bugzilla.suse.com/1221130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2021-47068"
},
{
"cve": "CVE-2021-47070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix another memory leak in error handling paths\n\nMemory allocated by \u0027vmbus_alloc_ring()\u0027 at the beginning of the probe\nfunction is never freed in the error handling path.\n\nAdd the missing \u0027vmbus_free_ring()\u0027 call.\n\nNote that it is already freed in the .remove function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47070",
"url": "https://www.suse.com/security/cve/CVE-2021-47070"
},
{
"category": "external",
"summary": "SUSE Bug 1220829 for CVE-2021-47070",
"url": "https://bugzilla.suse.com/1220829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47070"
},
{
"cve": "CVE-2021-47071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix a memory leak in error handling paths\n\nIf \u0027vmbus_establish_gpadl()\u0027 fails, the (recv|send)_gpadl will not be\nupdated and \u0027hv_uio_cleanup()\u0027 in the error handling path will not be\nable to free the corresponding buffer.\n\nIn such a case, we need to free the buffer explicitly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47071",
"url": "https://www.suse.com/security/cve/CVE-2021-47071"
},
{
"category": "external",
"summary": "SUSE Bug 1220846 for CVE-2021-47071",
"url": "https://bugzilla.suse.com/1220846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47071"
},
{
"cve": "CVE-2021-47073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios\n\ninit_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems\nwhere the Dell WMI interface is supported. While exit_dell_smbios_wmi()\nunregisters it unconditionally, this leads to the following oops:\n\n[ 175.722921] ------------[ cut here ]------------\n[ 175.722925] Unexpected driver unregister!\n[ 175.722939] WARNING: CPU: 1 PID: 3630 at drivers/base/driver.c:194 driver_unregister+0x38/0x40\n...\n[ 175.723089] Call Trace:\n[ 175.723094] cleanup_module+0x5/0xedd [dell_smbios]\n...\n[ 175.723148] ---[ end trace 064c34e1ad49509d ]---\n\nMake the unregister happen on the same condition the register happens\nto fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47073",
"url": "https://www.suse.com/security/cve/CVE-2021-47073"
},
{
"category": "external",
"summary": "SUSE Bug 1220850 for CVE-2021-47073",
"url": "https://bugzilla.suse.com/1220850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47073"
},
{
"cve": "CVE-2021-47100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module\n\nHi,\n\nWhen testing install and uninstall of ipmi_si.ko and ipmi_msghandler.ko,\nthe system crashed.\n\nThe log as follows:\n[ 141.087026] BUG: unable to handle kernel paging request at ffffffffc09b3a5a\n[ 141.087241] PGD 8fe4c0d067 P4D 8fe4c0d067 PUD 8fe4c0f067 PMD 103ad89067 PTE 0\n[ 141.087464] Oops: 0010 [#1] SMP NOPTI\n[ 141.087580] CPU: 67 PID: 668 Comm: kworker/67:1 Kdump: loaded Not tainted 4.18.0.x86_64 #47\n[ 141.088009] Workqueue: events 0xffffffffc09b3a40\n[ 141.088009] RIP: 0010:0xffffffffc09b3a5a\n[ 141.088009] Code: Bad RIP value.\n[ 141.088009] RSP: 0018:ffffb9094e2c3e88 EFLAGS: 00010246\n[ 141.088009] RAX: 0000000000000000 RBX: ffff9abfdb1f04a0 RCX: 0000000000000000\n[ 141.088009] RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246\n[ 141.088009] RBP: 0000000000000000 R08: ffff9abfffee3cb8 R09: 00000000000002e1\n[ 141.088009] R10: ffffb9094cb73d90 R11: 00000000000f4240 R12: ffff9abfffee8700\n[ 141.088009] R13: 0000000000000000 R14: ffff9abfdb1f04a0 R15: ffff9abfdb1f04a8\n[ 141.088009] FS: 0000000000000000(0000) GS:ffff9abfffec0000(0000) knlGS:0000000000000000\n[ 141.088009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 141.088009] CR2: ffffffffc09b3a30 CR3: 0000008fe4c0a001 CR4: 00000000007606e0\n[ 141.088009] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 141.088009] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 141.088009] PKRU: 55555554\n[ 141.088009] Call Trace:\n[ 141.088009] ? process_one_work+0x195/0x390\n[ 141.088009] ? worker_thread+0x30/0x390\n[ 141.088009] ? process_one_work+0x390/0x390\n[ 141.088009] ? kthread+0x10d/0x130\n[ 141.088009] ? kthread_flush_work_fn+0x10/0x10\n[ 141.088009] ? ret_from_fork+0x35/0x40] BUG: unable to handle kernel paging request at ffffffffc0b28a5a\n[ 200.223240] PGD 97fe00d067 P4D 97fe00d067 PUD 97fe00f067 PMD a580cbf067 PTE 0\n[ 200.223464] Oops: 0010 [#1] SMP NOPTI\n[ 200.223579] CPU: 63 PID: 664 Comm: kworker/63:1 Kdump: loaded Not tainted 4.18.0.x86_64 #46\n[ 200.224008] Workqueue: events 0xffffffffc0b28a40\n[ 200.224008] RIP: 0010:0xffffffffc0b28a5a\n[ 200.224008] Code: Bad RIP value.\n[ 200.224008] RSP: 0018:ffffbf3c8e2a3e88 EFLAGS: 00010246\n[ 200.224008] RAX: 0000000000000000 RBX: ffffa0799ad6bca0 RCX: 0000000000000000\n[ 200.224008] RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246\n[ 200.224008] RBP: 0000000000000000 R08: ffff9fe43fde3cb8 R09: 00000000000000d5\n[ 200.224008] R10: ffffbf3c8cb53d90 R11: 00000000000f4240 R12: ffff9fe43fde8700\n[ 200.224008] R13: 0000000000000000 R14: ffffa0799ad6bca0 R15: ffffa0799ad6bca8\n[ 200.224008] FS: 0000000000000000(0000) GS:ffff9fe43fdc0000(0000) knlGS:0000000000000000\n[ 200.224008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 200.224008] CR2: ffffffffc0b28a30 CR3: 00000097fe00a002 CR4: 00000000007606e0\n[ 200.224008] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 200.224008] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 200.224008] PKRU: 55555554\n[ 200.224008] Call Trace:\n[ 200.224008] ? process_one_work+0x195/0x390\n[ 200.224008] ? worker_thread+0x30/0x390\n[ 200.224008] ? process_one_work+0x390/0x390\n[ 200.224008] ? kthread+0x10d/0x130\n[ 200.224008] ? kthread_flush_work_fn+0x10/0x10\n[ 200.224008] ? ret_from_fork+0x35/0x40\n[ 200.224008] kernel fault(0x1) notification starting on CPU 63\n[ 200.224008] kernel fault(0x1) notification finished on CPU 63\n[ 200.224008] CR2: ffffffffc0b28a5a\n[ 200.224008] ---[ end trace c82a412d93f57412 ]---\n\nThe reason is as follows:\nT1: rmmod ipmi_si.\n -\u003eipmi_unregister_smi()\n -\u003e ipmi_bmc_unregister()\n -\u003e __ipmi_bmc_unregister()\n -\u003e kref_put(\u0026bmc-\u003eusecount, cleanup_bmc_device);\n -\u003e schedule_work(\u0026bmc-\u003eremove_work);\n\nT2: rmmod ipmi_msghandl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47100",
"url": "https://www.suse.com/security/cve/CVE-2021-47100"
},
{
"category": "external",
"summary": "SUSE Bug 1220985 for CVE-2021-47100",
"url": "https://bugzilla.suse.com/1220985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47100"
},
{
"cve": "CVE-2021-47101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nasix: fix uninit-value in asix_mdio_read()\n\nasix_read_cmd() may read less than sizeof(smsr) bytes and in this case\nsmsr will be uninitialized.\n\nFail log:\nBUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]\nBUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497\nBUG: KMSAN: uninit-value in asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497\n asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]\n asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497\n asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47101",
"url": "https://www.suse.com/security/cve/CVE-2021-47101"
},
{
"category": "external",
"summary": "SUSE Bug 1220987 for CVE-2021-47101",
"url": "https://bugzilla.suse.com/1220987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47101"
},
{
"cve": "CVE-2021-47104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Fix memory leak in qib_user_sdma_queue_pkts()\n\nThe wrong goto label was used for the error case and missed cleanup of the\npkt allocation.\n\nAddresses-Coverity-ID: 1493352 (\"Resource leak\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47104",
"url": "https://www.suse.com/security/cve/CVE-2021-47104"
},
{
"category": "external",
"summary": "SUSE Bug 1220960 for CVE-2021-47104",
"url": "https://bugzilla.suse.com/1220960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47104"
},
{
"cve": "CVE-2021-47110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Disable kvmclock on all CPUs on shutdown\n\nCurrenly, we disable kvmclock from machine_shutdown() hook and this\nonly happens for boot CPU. We need to disable it for all CPUs to\nguard against memory corruption e.g. on restore from hibernate.\n\nNote, writing \u00270\u0027 to kvmclock MSR doesn\u0027t clear memory location, it\njust prevents hypervisor from updating the location so for the short\nwhile after write and while CPU is still alive, the clock remains usable\nand correct so we don\u0027t need to switch to some other clocksource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47110",
"url": "https://www.suse.com/security/cve/CVE-2021-47110"
},
{
"category": "external",
"summary": "SUSE Bug 1221532 for CVE-2021-47110",
"url": "https://bugzilla.suse.com/1221532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47110"
},
{
"cve": "CVE-2021-47112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Teardown PV features on boot CPU as well\n\nVarious PV features (Async PF, PV EOI, steal time) work through memory\nshared with hypervisor and when we restore from hibernation we must\nproperly teardown all these features to make sure hypervisor doesn\u0027t\nwrite to stale locations after we jump to the previously hibernated kernel\n(which can try to place anything there). For secondary CPUs the job is\nalready done by kvm_cpu_down_prepare(), register syscore ops to do\nthe same for boot CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47112",
"url": "https://www.suse.com/security/cve/CVE-2021-47112"
},
{
"category": "external",
"summary": "SUSE Bug 1221541 for CVE-2021-47112",
"url": "https://bugzilla.suse.com/1221541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47112"
},
{
"cve": "CVE-2021-47114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption by fallocate\n\nWhen fallocate punches holes out of inode size, if original isize is in\nthe middle of last cluster, then the part from isize to the end of the\ncluster will be zeroed with buffer write, at that time isize is not yet\nupdated to match the new size, if writeback is kicked in, it will invoke\nocfs2_writepage()-\u003eblock_write_full_page() where the pages out of inode\nsize will be dropped. That will cause file corruption. Fix this by\nzero out eof blocks when extending the inode size.\n\nRunning the following command with qemu-image 4.2.1 can get a corrupted\ncoverted image file easily.\n\n qemu-img convert -p -t none -T none -f qcow2 $qcow_image \\\n -O qcow2 -o compat=1.1 $qcow_image.conv\n\nThe usage of fallocate in qemu is like this, it first punches holes out\nof inode size, then extend the inode size.\n\n fallocate(11, FALLOC_FL_KEEP_SIZE|FALLOC_FL_PUNCH_HOLE, 2276196352, 65536) = 0\n fallocate(11, 0, 2276196352, 65536) = 0\n\nv1: https://www.spinics.net/lists/linux-fsdevel/msg193999.html\nv2: https://lore.kernel.org/linux-fsdevel/20210525093034.GB4112@quack2.suse.cz/T/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47114",
"url": "https://www.suse.com/security/cve/CVE-2021-47114"
},
{
"category": "external",
"summary": "SUSE Bug 1221548 for CVE-2021-47114",
"url": "https://bugzilla.suse.com/1221548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47114"
},
{
"cve": "CVE-2021-47117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed\n\nWe got follow bug_on when run fsstress with injecting IO fault:\n[130747.323114] kernel BUG at fs/ext4/extents_status.c:762!\n[130747.323117] Internal error: Oops - BUG: 0 [#1] SMP\n......\n[130747.334329] Call trace:\n[130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4]\n[130747.334975] ext4_cache_extents+0x64/0xe8 [ext4]\n[130747.335368] ext4_find_extent+0x300/0x330 [ext4]\n[130747.335759] ext4_ext_map_blocks+0x74/0x1178 [ext4]\n[130747.336179] ext4_map_blocks+0x2f4/0x5f0 [ext4]\n[130747.336567] ext4_mpage_readpages+0x4a8/0x7a8 [ext4]\n[130747.336995] ext4_readpage+0x54/0x100 [ext4]\n[130747.337359] generic_file_buffered_read+0x410/0xae8\n[130747.337767] generic_file_read_iter+0x114/0x190\n[130747.338152] ext4_file_read_iter+0x5c/0x140 [ext4]\n[130747.338556] __vfs_read+0x11c/0x188\n[130747.338851] vfs_read+0x94/0x150\n[130747.339110] ksys_read+0x74/0xf0\n\nThis patch\u0027s modification is according to Jan Kara\u0027s suggestion in:\nhttps://patchwork.ozlabs.org/project/linux-ext4/patch/20210428085158.3728201-1-yebin10@huawei.com/\n\"I see. Now I understand your patch. Honestly, seeing how fragile is trying\nto fix extent tree after split has failed in the middle, I would probably\ngo even further and make sure we fix the tree properly in case of ENOSPC\nand EDQUOT (those are easily user triggerable). Anything else indicates a\nHW problem or fs corruption so I\u0027d rather leave the extent tree as is and\ndon\u0027t try to fix it (which also means we will not create overlapping\nextents).\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47117",
"url": "https://www.suse.com/security/cve/CVE-2021-47117"
},
{
"category": "external",
"summary": "SUSE Bug 1221575 for CVE-2021-47117",
"url": "https://bugzilla.suse.com/1221575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47117"
},
{
"cve": "CVE-2021-47118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npid: take a reference when initializing `cad_pid`\n\nDuring boot, kernel_init_freeable() initializes `cad_pid` to the init\ntask\u0027s struct pid. Later on, we may change `cad_pid` via a sysctl, and\nwhen this happens proc_do_cad_pid() will increment the refcount on the\nnew pid via get_pid(), and will decrement the refcount on the old pid\nvia put_pid(). As we never called get_pid() when we initialized\n`cad_pid`, we decrement a reference we never incremented, can therefore\nfree the init task\u0027s struct pid early. As there can be dangling\nreferences to the struct pid, we can later encounter a use-after-free\n(e.g. when delivering signals).\n\nThis was spotted when fuzzing v5.13-rc3 with Syzkaller, but seems to\nhave been around since the conversion of `cad_pid` to struct pid in\ncommit 9ec52099e4b8 (\"[PATCH] replace cad_pid by a struct pid\") from the\npre-KASAN stone age of v2.6.19.\n\nFix this by getting a reference to the init task\u0027s struct pid when we\nassign it to `cad_pid`.\n\nFull KASAN splat below.\n\n ==================================================================\n BUG: KASAN: use-after-free in ns_of_pid include/linux/pid.h:153 [inline]\n BUG: KASAN: use-after-free in task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n Read of size 4 at addr ffff23794dda0004 by task syz-executor.0/273\n\n CPU: 1 PID: 273 Comm: syz-executor.0 Not tainted 5.12.0-00001-g9aef892b2d15 #1\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n ns_of_pid include/linux/pid.h:153 [inline]\n task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n do_notify_parent+0x308/0xe60 kernel/signal.c:1950\n exit_notify kernel/exit.c:682 [inline]\n do_exit+0x2334/0x2bd0 kernel/exit.c:845\n do_group_exit+0x108/0x2c8 kernel/exit.c:922\n get_signal+0x4e4/0x2a88 kernel/signal.c:2781\n do_signal arch/arm64/kernel/signal.c:882 [inline]\n do_notify_resume+0x300/0x970 arch/arm64/kernel/signal.c:936\n work_pending+0xc/0x2dc\n\n Allocated by task 0:\n slab_post_alloc_hook+0x50/0x5c0 mm/slab.h:516\n slab_alloc_node mm/slub.c:2907 [inline]\n slab_alloc mm/slub.c:2915 [inline]\n kmem_cache_alloc+0x1f4/0x4c0 mm/slub.c:2920\n alloc_pid+0xdc/0xc00 kernel/pid.c:180\n copy_process+0x2794/0x5e18 kernel/fork.c:2129\n kernel_clone+0x194/0x13c8 kernel/fork.c:2500\n kernel_thread+0xd4/0x110 kernel/fork.c:2552\n rest_init+0x44/0x4a0 init/main.c:687\n arch_call_rest_init+0x1c/0x28\n start_kernel+0x520/0x554 init/main.c:1064\n 0x0\n\n Freed by task 270:\n slab_free_hook mm/slub.c:1562 [inline]\n slab_free_freelist_hook+0x98/0x260 mm/slub.c:1600\n slab_free mm/slub.c:3161 [inline]\n kmem_cache_free+0x224/0x8e0 mm/slub.c:3177\n put_pid.part.4+0xe0/0x1a8 kernel/pid.c:114\n put_pid+0x30/0x48 kernel/pid.c:109\n proc_do_cad_pid+0x190/0x1b0 kernel/sysctl.c:1401\n proc_sys_call_handler+0x338/0x4b0 fs/proc/proc_sysctl.c:591\n proc_sys_write+0x34/0x48 fs/proc/proc_sysctl.c:617\n call_write_iter include/linux/fs.h:1977 [inline]\n new_sync_write+0x3ac/0x510 fs/read_write.c:518\n vfs_write fs/read_write.c:605 [inline]\n vfs_write+0x9c4/0x1018 fs/read_write.c:585\n ksys_write+0x124/0x240 fs/read_write.c:658\n __do_sys_write fs/read_write.c:670 [inline]\n __se_sys_write fs/read_write.c:667 [inline]\n __arm64_sys_write+0x78/0xb0 fs/read_write.c:667\n __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]\n el0_svc_common.constprop.1+0x16c/0x388 arch/arm64/kernel/syscall.c:129\n do_el0_svc+0xf8/0x150 arch/arm64/kernel/syscall.c:168\n el0_svc+0x28/0x38 arch/arm64/kernel/entry-common.c:416\n el0_sync_handler+0x134/0x180 arch/arm64/kernel/entry-common.c:432\n el0_sync+0x154/0x180 arch/arm64/kernel/entry.S:701\n\n The buggy address belongs to the object at ffff23794dda0000\n which belongs to the cache pid of size 224\n The buggy address is located 4 bytes inside of\n 224-byte region [ff\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47118",
"url": "https://www.suse.com/security/cve/CVE-2021-47118"
},
{
"category": "external",
"summary": "SUSE Bug 1221605 for CVE-2021-47118",
"url": "https://bugzilla.suse.com/1221605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47118"
},
{
"cve": "CVE-2021-47119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix memory leak in ext4_fill_super\n\nBuffer head references must be released before calling kill_bdev();\notherwise the buffer head (and its page referenced by b_data) will not\nbe freed by kill_bdev, and subsequently that bh will be leaked.\n\nIf blocksizes differ, sb_set_blocksize() will kill current buffers and\npage cache by using kill_bdev(). And then super block will be reread\nagain but using correct blocksize this time. sb_set_blocksize() didn\u0027t\nfully free superblock page and buffer head, and being busy, they were\nnot freed and instead leaked.\n\nThis can easily be reproduced by calling an infinite loop of:\n\n systemctl start \u003cext4_on_lvm\u003e.mount, and\n systemctl stop \u003cext4_on_lvm\u003e.mount\n\n... since systemd creates a cgroup for each slice which it mounts, and\nthe bh leak get amplified by a dying memory cgroup that also never\ngets freed, and memory consumption is much more easily noticed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47119",
"url": "https://www.suse.com/security/cve/CVE-2021-47119"
},
{
"category": "external",
"summary": "SUSE Bug 1221608 for CVE-2021-47119",
"url": "https://bugzilla.suse.com/1221608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47119"
},
{
"cve": "CVE-2021-47138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: avoid accessing registers when clearing filters\n\nHardware register having the server TID base can contain\ninvalid values when adapter is in bad state (for example,\ndue to AER fatal error). Reading these invalid values in the\nregister can lead to out-of-bound memory access. So, fix\nby using the saved server TID base when clearing filters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47138",
"url": "https://www.suse.com/security/cve/CVE-2021-47138"
},
{
"category": "external",
"summary": "SUSE Bug 1221934 for CVE-2021-47138",
"url": "https://bugzilla.suse.com/1221934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47138"
},
{
"cve": "CVE-2021-47141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: Add NULL pointer checks when freeing irqs.\n\nWhen freeing notification blocks, we index priv-\u003emsix_vectors.\nIf we failed to allocate priv-\u003emsix_vectors (see abort_with_msix_vectors)\nthis could lead to a NULL pointer dereference if the driver is unloaded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47141",
"url": "https://www.suse.com/security/cve/CVE-2021-47141"
},
{
"category": "external",
"summary": "SUSE Bug 1221949 for CVE-2021-47141",
"url": "https://bugzilla.suse.com/1221949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47141"
},
{
"cve": "CVE-2021-47142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a use-after-free\n\nlooks like we forget to set ttm-\u003esg to NULL.\nHit panic below\n\n[ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 1235.989074] Call Trace:\n[ 1235.991751] sg_free_table+0x17/0x20\n[ 1235.995667] amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu]\n[ 1236.002288] amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu]\n[ 1236.008464] ttm_tt_destroy+0x1e/0x30 [ttm]\n[ 1236.013066] ttm_bo_cleanup_memtype_use+0x51/0xa0 [ttm]\n[ 1236.018783] ttm_bo_release+0x262/0xa50 [ttm]\n[ 1236.023547] ttm_bo_put+0x82/0xd0 [ttm]\n[ 1236.027766] amdgpu_bo_unref+0x26/0x50 [amdgpu]\n[ 1236.032809] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu]\n[ 1236.040400] kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu]\n[ 1236.046912] kfd_ioctl+0x463/0x690 [amdgpu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47142",
"url": "https://www.suse.com/security/cve/CVE-2021-47142"
},
{
"category": "external",
"summary": "SUSE Bug 1221952 for CVE-2021-47142",
"url": "https://bugzilla.suse.com/1221952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47142"
},
{
"cve": "CVE-2021-47143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: remove device from smcd_dev_list after failed device_add()\n\nIf the device_add() for a smcd_dev fails, there\u0027s no cleanup step that\nrolls back the earlier list_add(). The device subsequently gets freed,\nand we end up with a corrupted list.\n\nAdd some error handling that removes the device from the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47143",
"url": "https://www.suse.com/security/cve/CVE-2021-47143"
},
{
"category": "external",
"summary": "SUSE Bug 1221988 for CVE-2021-47143",
"url": "https://bugzilla.suse.com/1221988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47143"
},
{
"cve": "CVE-2021-47146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmld: fix panic in mld_newpack()\n\nmld_newpack() doesn\u0027t allow to allocate high order page,\nonly order-0 allocation is allowed.\nIf headroom size is too large, a kernel panic could occur in skb_put().\n\nTest commands:\n ip netns del A\n ip netns del B\n ip netns add A\n ip netns add B\n ip link add veth0 type veth peer name veth1\n ip link set veth0 netns A\n ip link set veth1 netns B\n\n ip netns exec A ip link set lo up\n ip netns exec A ip link set veth0 up\n ip netns exec A ip -6 a a 2001:db8:0::1/64 dev veth0\n ip netns exec B ip link set lo up\n ip netns exec B ip link set veth1 up\n ip netns exec B ip -6 a a 2001:db8:0::2/64 dev veth1\n for i in {1..99}\n do\n let A=$i-1\n ip netns exec A ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::1 remote 2001:db8:$A::2 encaplimit 100\n ip netns exec A ip -6 a a 2001:db8:$i::1/64 dev ip6gre$i\n ip netns exec A ip link set ip6gre$i up\n\n ip netns exec B ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::2 remote 2001:db8:$A::1 encaplimit 100\n ip netns exec B ip -6 a a 2001:db8:$i::2/64 dev ip6gre$i\n ip netns exec B ip link set ip6gre$i up\n done\n\nSplat looks like:\nkernel BUG at net/core/skbuff.c:110!\ninvalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI\nCPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.12.0+ #891\nWorkqueue: ipv6_addrconf addrconf_dad_work\nRIP: 0010:skb_panic+0x15d/0x15f\nCode: 92 fe 4c 8b 4c 24 10 53 8b 4d 70 45 89 e0 48 c7 c7 00 ae 79 83\n41 57 41 56 41 55 48 8b 54 24 a6 26 f9 ff \u003c0f\u003e 0b 48 8b 6c 24 20 89\n34 24 e8 4a 4e 92 fe 8b 34 24 48 c7 c1 20\nRSP: 0018:ffff88810091f820 EFLAGS: 00010282\nRAX: 0000000000000089 RBX: ffff8881086e9000 RCX: 0000000000000000\nRDX: 0000000000000089 RSI: 0000000000000008 RDI: ffffed1020123efb\nRBP: ffff888005f6eac0 R08: ffffed1022fc0031 R09: ffffed1022fc0031\nR10: ffff888117e00187 R11: ffffed1022fc0030 R12: 0000000000000028\nR13: ffff888008284eb0 R14: 0000000000000ed8 R15: 0000000000000ec0\nFS: 0000000000000000(0000) GS:ffff888117c00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8b801c5640 CR3: 0000000033c2c006 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n skb_put.cold.104+0x22/0x22\n ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? rcu_read_lock_sched_held+0x91/0xc0\n mld_newpack+0x398/0x8f0\n ? ip6_mc_hdr.isra.26.constprop.46+0x600/0x600\n ? lock_contended+0xc40/0xc40\n add_grhead.isra.33+0x280/0x380\n add_grec+0x5ca/0xff0\n ? mld_sendpack+0xf40/0xf40\n ? lock_downgrade+0x690/0x690\n mld_send_initial_cr.part.34+0xb9/0x180\n ipv6_mc_dad_complete+0x15d/0x1b0\n addrconf_dad_completed+0x8d2/0xbb0\n ? lock_downgrade+0x690/0x690\n ? addrconf_rs_timer+0x660/0x660\n ? addrconf_dad_work+0x73c/0x10e0\n addrconf_dad_work+0x73c/0x10e0\n\nAllowing high order page allocation could fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47146",
"url": "https://www.suse.com/security/cve/CVE-2021-47146"
},
{
"category": "external",
"summary": "SUSE Bug 1221979 for CVE-2021-47146",
"url": "https://bugzilla.suse.com/1221979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47146"
},
{
"cve": "CVE-2021-47149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fujitsu: fix potential null-ptr-deref\n\nIn fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer\nderef. To fix this, check the return value of ioremap and return -1\nto the caller in case of failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47149",
"url": "https://www.suse.com/security/cve/CVE-2021-47149"
},
{
"category": "external",
"summary": "SUSE Bug 1221972 for CVE-2021-47149",
"url": "https://bugzilla.suse.com/1221972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47149"
},
{
"cve": "CVE-2021-47150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: fix the potential memory leak in fec_enet_init()\n\nIf the memory allocated for cbd_base is failed, it should\nfree the memory allocated for the queues, otherwise it causes\nmemory leak.\n\nAnd if the memory allocated for the queues is failed, it can\nreturn error directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47150",
"url": "https://www.suse.com/security/cve/CVE-2021-47150"
},
{
"category": "external",
"summary": "SUSE Bug 1221973 for CVE-2021-47150",
"url": "https://bugzilla.suse.com/1221973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47150"
},
{
"cve": "CVE-2021-47153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don\u0027t generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47153",
"url": "https://www.suse.com/security/cve/CVE-2021-47153"
},
{
"category": "external",
"summary": "SUSE Bug 1221969 for CVE-2021-47153",
"url": "https://bugzilla.suse.com/1221969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47153"
},
{
"cve": "CVE-2021-47159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix a crash if -\u003eget_sset_count() fails\n\nIf ds-\u003eops-\u003eget_sset_count() fails then it \"count\" is a negative error\ncode such as -EOPNOTSUPP. Because \"i\" is an unsigned int, the negative\nerror code is type promoted to a very high value and the loop will\ncorrupt memory until the system crashes.\n\nFix this by checking for error codes and changing the type of \"i\" to\njust int.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47159",
"url": "https://www.suse.com/security/cve/CVE-2021-47159"
},
{
"category": "external",
"summary": "SUSE Bug 1221967 for CVE-2021-47159",
"url": "https://bugzilla.suse.com/1221967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47159"
},
{
"cve": "CVE-2021-47161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-dspi: Fix a resource leak in an error handling path\n\n\u0027dspi_request_dma()\u0027 should be undone by a \u0027dspi_release_dma()\u0027 call in the\nerror handling path of the probe function, as already done in the remove\nfunction",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47161",
"url": "https://www.suse.com/security/cve/CVE-2021-47161"
},
{
"category": "external",
"summary": "SUSE Bug 1221966 for CVE-2021-47161",
"url": "https://bugzilla.suse.com/1221966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47161"
},
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: fix shutdown crash when component not probed\n\nWhen main component is not probed, by example when the dw-hdmi module is\nnot loaded yet or in probe defer, the following crash appears on shutdown:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\n...\npc : meson_drv_shutdown+0x24/0x50\nlr : platform_drv_shutdown+0x20/0x30\n...\nCall trace:\nmeson_drv_shutdown+0x24/0x50\nplatform_drv_shutdown+0x20/0x30\ndevice_shutdown+0x158/0x360\nkernel_restart_prepare+0x38/0x48\nkernel_restart+0x18/0x68\n__do_sys_reboot+0x224/0x250\n__arm64_sys_reboot+0x24/0x30\n...\n\nSimply check if the priv struct has been allocated before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47165",
"url": "https://www.suse.com/security/cve/CVE-2021-47165"
},
{
"category": "external",
"summary": "SUSE Bug 1221965 for CVE-2021-47165",
"url": "https://bugzilla.suse.com/1221965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47165"
},
{
"cve": "CVE-2021-47166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47166"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Don\u0027t corrupt the value of pg_bytes_written in nfs_do_recoalesce()\n\nThe value of mirror-\u003epg_bytes_written should only be updated after a\nsuccessful attempt to flush out the requests on the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47166",
"url": "https://www.suse.com/security/cve/CVE-2021-47166"
},
{
"category": "external",
"summary": "SUSE Bug 1221998 for CVE-2021-47166",
"url": "https://bugzilla.suse.com/1221998"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47166",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47166"
},
{
"cve": "CVE-2021-47167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47167"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix an Oopsable condition in __nfs_pageio_add_request()\n\nEnsure that nfs_pageio_error_cleanup() resets the mirror array contents,\nso that the structure reflects the fact that it is now empty.\nAlso change the test in nfs_pageio_do_add_request() to be more robust by\nchecking whether or not the list is empty rather than relying on the\nvalue of pg_count.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47167",
"url": "https://www.suse.com/security/cve/CVE-2021-47167"
},
{
"category": "external",
"summary": "SUSE Bug 1221991 for CVE-2021-47167",
"url": "https://bugzilla.suse.com/1221991"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47167",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47167"
},
{
"cve": "CVE-2021-47168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47168"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix an incorrect limit in filelayout_decode_layout()\n\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption. It should be NFS_MAXFHSIZE because that\u0027s the size\nof the -\u003edata[] buffer.\n\nI reversed the size of the arguments to put the variable on the left.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47168",
"url": "https://www.suse.com/security/cve/CVE-2021-47168"
},
{
"category": "external",
"summary": "SUSE Bug 1222002 for CVE-2021-47168",
"url": "https://bugzilla.suse.com/1222002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47168"
},
{
"cve": "CVE-2021-47169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47169"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: rp2: use \u0027request_firmware\u0027 instead of \u0027request_firmware_nowait\u0027\n\nIn \u0027rp2_probe\u0027, the driver registers \u0027rp2_uart_interrupt\u0027 then calls\n\u0027rp2_fw_cb\u0027 through \u0027request_firmware_nowait\u0027. In \u0027rp2_fw_cb\u0027, if the\nfirmware don\u0027t exists, function just return without initializing ports\nof \u0027rp2_card\u0027. But now the interrupt handler function has been\nregistered, and when an interrupt comes, \u0027rp2_uart_interrupt\u0027 may access\nthose ports then causing NULL pointer dereference or other bugs.\n\nBecause the driver does some initialization work in \u0027rp2_fw_cb\u0027, in\norder to make the driver ready to handle interrupts, \u0027request_firmware\u0027\nshould be used instead of asynchronous \u0027request_firmware_nowait\u0027.\n\nThis report reveals it:\n\nINFO: trying to register non-static key.\nthe code is fine but needs lockdep annotation.\nturning off the locking correctness validator.\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xec/0x156 lib/dump_stack.c:118\n assign_lock_key kernel/locking/lockdep.c:727 [inline]\n register_lock_class+0x14e5/0x1ba0 kernel/locking/lockdep.c:753\n __lock_acquire+0x187/0x3750 kernel/locking/lockdep.c:3303\n lock_acquire+0x124/0x340 kernel/locking/lockdep.c:3907\n __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]\n _raw_spin_lock+0x32/0x50 kernel/locking/spinlock.c:144\n spin_lock include/linux/spinlock.h:329 [inline]\n rp2_ch_interrupt drivers/tty/serial/rp2.c:466 [inline]\n rp2_asic_interrupt.isra.9+0x15d/0x990 drivers/tty/serial/rp2.c:493\n rp2_uart_interrupt+0x49/0xe0 drivers/tty/serial/rp2.c:504\n __handle_irq_event_percpu+0xfb/0x770 kernel/irq/handle.c:149\n handle_irq_event_percpu+0x79/0x150 kernel/irq/handle.c:189\n handle_irq_event+0xac/0x140 kernel/irq/handle.c:206\n handle_fasteoi_irq+0x232/0x5c0 kernel/irq/chip.c:725\n generic_handle_irq_desc include/linux/irqdesc.h:155 [inline]\n handle_irq+0x230/0x3a0 arch/x86/kernel/irq_64.c:87\n do_IRQ+0xa7/0x1e0 arch/x86/kernel/irq.c:247\n common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:670\n \u003c/IRQ\u003e\nRIP: 0010:native_safe_halt+0x28/0x30 arch/x86/include/asm/irqflags.h:61\nCode: 00 00 55 be 04 00 00 00 48 c7 c7 00 c2 2f 8c 48 89 e5 e8 fb 31 e7 f8\n8b 05 75 af 8d 03 85 c0 7e 07 0f 00 2d 8a 61 65 00 fb f4 \u003c5d\u003e c3 90 90 90\n90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41\nRSP: 0018:ffff88806b71fcc8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffde\nRAX: 0000000000000000 RBX: ffffffff8bde7e48 RCX: ffffffff88a21285\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8c2fc200\nRBP: ffff88806b71fcc8 R08: fffffbfff185f840 R09: fffffbfff185f840\nR10: 0000000000000001 R11: fffffbfff185f840 R12: 0000000000000002\nR13: ffffffff8bea18a0 R14: 0000000000000000 R15: 0000000000000000\n arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline]\n default_idle+0x6f/0x360 arch/x86/kernel/process.c:557\n arch_cpu_idle+0xf/0x20 arch/x86/kernel/process.c:548\n default_idle_call+0x3b/0x60 kernel/sched/idle.c:93\n cpuidle_idle_call kernel/sched/idle.c:153 [inline]\n do_idle+0x2ab/0x3c0 kernel/sched/idle.c:263\n cpu_startup_entry+0xcb/0xe0 kernel/sched/idle.c:369\n start_secondary+0x3b8/0x4e0 arch/x86/kernel/smpboot.c:271\n secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243\nBUG: unable to handle kernel NULL pointer dereference at 0000000000000010\nPGD 8000000056d27067 P4D 8000000056d27067 PUD 56d28067 PMD 0\nOops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nRIP: 0010:readl arch/x86/include/asm/io.h:59 [inline]\nRIP: 0010:rp2_ch_interrupt drivers/tty/serial/rp2.c:472 [inline]\nRIP: 0010:rp2_asic_interrupt.isra.9+0x181/0x990 drivers/tty/serial/rp2.c:\n493\nCo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47169",
"url": "https://www.suse.com/security/cve/CVE-2021-47169"
},
{
"category": "external",
"summary": "SUSE Bug 1222000 for CVE-2021-47169",
"url": "https://bugzilla.suse.com/1222000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47169"
},
{
"cve": "CVE-2021-47171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47171",
"url": "https://www.suse.com/security/cve/CVE-2021-47171"
},
{
"category": "external",
"summary": "SUSE Bug 1221994 for CVE-2021-47171",
"url": "https://bugzilla.suse.com/1221994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/uss720: fix memory leak in uss720_probe\n\nuss720_probe forgets to decrease the refcount of usbdev in uss720_probe.\nFix this by decreasing the refcount of usbdev by usb_put_dev.\n\nBUG: memory leak\nunreferenced object 0xffff888101113800 (size 2048):\n comm \"kworker/0:1\", pid 7, jiffies 4294956777 (age 28.870s)\n hex dump (first 32 bytes):\n ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1...........\n 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................\n backtrace:\n [\u003cffffffff82b8e822\u003e] kmalloc include/linux/slab.h:554 [inline]\n [\u003cffffffff82b8e822\u003e] kzalloc include/linux/slab.h:684 [inline]\n [\u003cffffffff82b8e822\u003e] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582\n [\u003cffffffff82b98441\u003e] hub_port_connect drivers/usb/core/hub.c:5129 [inline]\n [\u003cffffffff82b98441\u003e] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]\n [\u003cffffffff82b98441\u003e] port_event drivers/usb/core/hub.c:5509 [inline]\n [\u003cffffffff82b98441\u003e] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591\n [\u003cffffffff81259229\u003e] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275\n [\u003cffffffff81259b19\u003e] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421\n [\u003cffffffff81261228\u003e] kthread+0x178/0x1b0 kernel/kthread.c:292\n [\u003cffffffff8100227f\u003e] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47173",
"url": "https://www.suse.com/security/cve/CVE-2021-47173"
},
{
"category": "external",
"summary": "SUSE Bug 1221993 for CVE-2021-47173",
"url": "https://bugzilla.suse.com/1221993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47173"
},
{
"cve": "CVE-2021-47177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix sysfs leak in alloc_iommu()\n\niommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent\nerrors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47177",
"url": "https://www.suse.com/security/cve/CVE-2021-47177"
},
{
"category": "external",
"summary": "SUSE Bug 1221997 for CVE-2021-47177",
"url": "https://bugzilla.suse.com/1221997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47177"
},
{
"cve": "CVE-2021-47179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()\n\nCommit de144ff4234f changes _pnfs_return_layout() to call\npnfs_mark_matching_lsegs_return() passing NULL as the struct\npnfs_layout_range argument. Unfortunately,\npnfs_mark_matching_lsegs_return() doesn\u0027t check if we have a value here\nbefore dereferencing it, causing an oops.\n\nI\u0027m able to hit this crash consistently when running connectathon basic\ntests on NFS v4.1/v4.2 against Ontap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47179",
"url": "https://www.suse.com/security/cve/CVE-2021-47179"
},
{
"category": "external",
"summary": "SUSE Bug 1222001 for CVE-2021-47179",
"url": "https://bugzilla.suse.com/1222001"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47179",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47179"
},
{
"cve": "CVE-2021-47180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47180"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: fix memory leak in nci_allocate_device\n\nnfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev.\nFix this by freeing hci_dev in nci_free_device.\n\nBUG: memory leak\nunreferenced object 0xffff888111ea6800 (size 1024):\n comm \"kworker/1:0\", pid 19, jiffies 4294942308 (age 13.580s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 60 fd 0c 81 88 ff ff .........`......\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000004bc25d43\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c000000004bc25d43\u003e] kzalloc include/linux/slab.h:682 [inline]\n [\u003c000000004bc25d43\u003e] nci_hci_allocate+0x21/0xd0 net/nfc/nci/hci.c:784\n [\u003c00000000c59cff92\u003e] nci_allocate_device net/nfc/nci/core.c:1170 [inline]\n [\u003c00000000c59cff92\u003e] nci_allocate_device+0x10b/0x160 net/nfc/nci/core.c:1132\n [\u003c00000000006e0a8e\u003e] nfcmrvl_nci_register_dev+0x10a/0x1c0 drivers/nfc/nfcmrvl/main.c:153\n [\u003c000000004da1b57e\u003e] nfcmrvl_probe+0x223/0x290 drivers/nfc/nfcmrvl/usb.c:345\n [\u003c00000000d506aed9\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [\u003c00000000bc632c92\u003e] really_probe+0x159/0x4a0 drivers/base/dd.c:554\n [\u003c00000000f5009125\u003e] driver_probe_device+0x84/0x100 drivers/base/dd.c:740\n [\u003c000000000ce658ca\u003e] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846\n [\u003c000000007067d05f\u003e] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431\n [\u003c00000000f8e13372\u003e] __device_attach+0x122/0x250 drivers/base/dd.c:914\n [\u003c000000009cf68860\u003e] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491\n [\u003c00000000359c965a\u003e] device_add+0x5be/0xc30 drivers/base/core.c:3109\n [\u003c00000000086e4bd3\u003e] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164\n [\u003c00000000ca036872\u003e] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n [\u003c00000000d40d36f6\u003e] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293\n [\u003c00000000bc632c92\u003e] really_probe+0x159/0x4a0 drivers/base/dd.c:554",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47180",
"url": "https://www.suse.com/security/cve/CVE-2021-47180"
},
{
"category": "external",
"summary": "SUSE Bug 1221999 for CVE-2021-47180",
"url": "https://bugzilla.suse.com/1221999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47180"
},
{
"cve": "CVE-2021-47181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: tusb6010: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47181",
"url": "https://www.suse.com/security/cve/CVE-2021-47181"
},
{
"category": "external",
"summary": "SUSE Bug 1222660 for CVE-2021-47181",
"url": "https://bugzilla.suse.com/1222660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47181"
},
{
"cve": "CVE-2021-47182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47182"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix scsi_mode_sense() buffer length handling\n\nSeveral problems exist with scsi_mode_sense() buffer length handling:\n\n 1) The allocation length field of the MODE SENSE(10) command is 16-bits,\n occupying bytes 7 and 8 of the CDB. With this command, access to mode\n pages larger than 255 bytes is thus possible. However, the CDB\n allocation length field is set by assigning len to byte 8 only, thus\n truncating buffer length larger than 255.\n\n 2) If scsi_mode_sense() is called with len smaller than 8 with\n sdev-\u003euse_10_for_ms set, or smaller than 4 otherwise, the buffer length\n is increased to 8 and 4 respectively, and the buffer is zero filled\n with these increased values, thus corrupting the memory following the\n buffer.\n\nFix these 2 problems by using put_unaligned_be16() to set the allocation\nlength field of MODE SENSE(10) CDB and by returning an error when len is\ntoo small.\n\nFurthermore, if len is larger than 255B, always try MODE SENSE(10) first,\neven if the device driver did not set sdev-\u003euse_10_for_ms. In case of\ninvalid opcode error for MODE SENSE(10), access to mode pages larger than\n255 bytes are not retried using MODE SENSE(6). To avoid buffer length\noverflows for the MODE_SENSE(10) case, check that len is smaller than 65535\nbytes.\n\nWhile at it, also fix the folowing:\n\n * Use get_unaligned_be16() to retrieve the mode data length and block\n descriptor length fields of the mode sense reply header instead of using\n an open coded calculation.\n\n * Fix the kdoc dbd argument explanation: the DBD bit stands for Disable\n Block Descriptor, which is the opposite of what the dbd argument\n description was.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47182",
"url": "https://www.suse.com/security/cve/CVE-2021-47182"
},
{
"category": "external",
"summary": "SUSE Bug 1222662 for CVE-2021-47182",
"url": "https://bugzilla.suse.com/1222662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47182"
},
{
"cve": "CVE-2021-47183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix link down processing to address NULL pointer dereference\n\nIf an FC link down transition while PLOGIs are outstanding to fabric well\nknown addresses, outstanding ABTS requests may result in a NULL pointer\ndereference. Driver unload requests may hang with repeated \"2878\" log\nmessages.\n\nThe Link down processing results in ABTS requests for outstanding ELS\nrequests. The Abort WQEs are sent for the ELSs before the driver had set\nthe link state to down. Thus the driver is sending the Abort with the\nexpectation that an ABTS will be sent on the wire. The Abort request is\nstalled waiting for the link to come up. In some conditions the driver may\nauto-complete the ELSs thus if the link does come up, the Abort completions\nmay reference an invalid structure.\n\nFix by ensuring that Abort set the flag to avoid link traffic if issued due\nto conditions where the link failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47183",
"url": "https://www.suse.com/security/cve/CVE-2021-47183"
},
{
"category": "external",
"summary": "SUSE Bug 1222664 for CVE-2021-47183",
"url": "https://bugzilla.suse.com/1222664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47183"
},
{
"cve": "CVE-2021-47184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL ptr dereference on VSI filter sync\n\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that\u0027s causing a kernel oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47184",
"url": "https://www.suse.com/security/cve/CVE-2021-47184"
},
{
"category": "external",
"summary": "SUSE Bug 1222666 for CVE-2021-47184",
"url": "https://bugzilla.suse.com/1222666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47184"
},
{
"cve": "CVE-2021-47185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\n\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\n\n Workqueue: events_unbound flush_to_ldisc\n Call trace:\n dump_backtrace+0x0/0x1ec\n show_stack+0x24/0x30\n dump_stack+0xd0/0x128\n panic+0x15c/0x374\n watchdog_timer_fn+0x2b8/0x304\n __run_hrtimer+0x88/0x2c0\n __hrtimer_run_queues+0xa4/0x120\n hrtimer_interrupt+0xfc/0x270\n arch_timer_handler_phys+0x40/0x50\n handle_percpu_devid_irq+0x94/0x220\n __handle_domain_irq+0x88/0xf0\n gic_handle_irq+0x84/0xfc\n el1_irq+0xc8/0x180\n slip_unesc+0x80/0x214 [slip]\n tty_ldisc_receive_buf+0x64/0x80\n tty_port_default_receive_buf+0x50/0x90\n flush_to_ldisc+0xbc/0x110\n process_one_work+0x1d4/0x4b0\n worker_thread+0x180/0x430\n kthread+0x11c/0x120\n\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47185",
"url": "https://www.suse.com/security/cve/CVE-2021-47185"
},
{
"category": "external",
"summary": "SUSE Bug 1222669 for CVE-2021-47185",
"url": "https://bugzilla.suse.com/1222669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47185"
},
{
"cve": "CVE-2021-47188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Improve SCSI abort handling\n\nThe following has been observed on a test setup:\n\nWARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c\nCall trace:\n ufshcd_queuecommand+0x468/0x65c\n scsi_send_eh_cmnd+0x224/0x6a0\n scsi_eh_test_devices+0x248/0x418\n scsi_eh_ready_devs+0xc34/0xe58\n scsi_error_handler+0x204/0x80c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nThat warning is triggered by the following statement:\n\n\tWARN_ON(lrbp-\u003ecmd);\n\nFix this warning by clearing lrbp-\u003ecmd from the abort handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47188",
"url": "https://www.suse.com/security/cve/CVE-2021-47188"
},
{
"category": "external",
"summary": "SUSE Bug 1222671 for CVE-2021-47188",
"url": "https://bugzilla.suse.com/1222671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47189"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix memory ordering between normal and ordered work functions\n\nOrdered work functions aren\u0027t guaranteed to be handled by the same thread\nwhich executed the normal work functions. The only way execution between\nnormal/ordered functions is synchronized is via the WORK_DONE_BIT,\nunfortunately the used bitops don\u0027t guarantee any ordering whatsoever.\n\nThis manifested as seemingly inexplicable crashes on ARM64, where\nasync_chunk::inode is seen as non-null in async_cow_submit which causes\nsubmit_compressed_extents to be called and crash occurs because\nasync_chunk::inode suddenly became NULL. The call trace was similar to:\n\n pc : submit_compressed_extents+0x38/0x3d0\n lr : async_cow_submit+0x50/0xd0\n sp : ffff800015d4bc20\n\n \u003cregisters omitted for brevity\u003e\n\n Call trace:\n submit_compressed_extents+0x38/0x3d0\n async_cow_submit+0x50/0xd0\n run_ordered_work+0xc8/0x280\n btrfs_work_helper+0x98/0x250\n process_one_work+0x1f0/0x4ac\n worker_thread+0x188/0x504\n kthread+0x110/0x114\n ret_from_fork+0x10/0x18\n\nFix this by adding respective barrier calls which ensure that all\naccesses preceding setting of WORK_DONE_BIT are strictly ordered before\nsetting the flag. At the same time add a read barrier after reading of\nWORK_DONE_BIT in run_ordered_work which ensures all subsequent loads\nwould be strictly ordered after reading the bit. This in turn ensures\nare all accesses before WORK_DONE_BIT are going to be strictly ordered\nbefore any access that can occur in ordered_func.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47189",
"url": "https://www.suse.com/security/cve/CVE-2021-47189"
},
{
"category": "external",
"summary": "SUSE Bug 1222706 for CVE-2021-47189",
"url": "https://bugzilla.suse.com/1222706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47189"
},
{
"cve": "CVE-2021-47198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine\n\nAn error is detected with the following report when unloading the driver:\n \"KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b\"\n\nThe NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg_fab_ctrl_node(), but the\nflag is not cleared upon completion of the login.\n\nThis allows a second call to lpfc_unreg_rpi() to proceed with nlp_rpi set\nto LPFC_RPI_ALLOW_ERROR. This results in a use after free access when used\nas an rpi_ids array index.\n\nFix by clearing the NLP_REG_LOGIN_SEND nlp_flag in\nlpfc_mbx_cmpl_fc_reg_login().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47198",
"url": "https://www.suse.com/security/cve/CVE-2021-47198"
},
{
"category": "external",
"summary": "SUSE Bug 1222883 for CVE-2021-47198",
"url": "https://bugzilla.suse.com/1222883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47198"
},
{
"cve": "CVE-2021-47202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: Fix NULL pointer dereferences in of_thermal_ functions\n\nof_parse_thermal_zones() parses the thermal-zones node and registers a\nthermal_zone device for each subnode. However, if a thermal zone is\nconsuming a thermal sensor and that thermal sensor device hasn\u0027t probed\nyet, an attempt to set trip_point_*_temp for that thermal zone device\ncan cause a NULL pointer dereference. Fix it.\n\n console:/sys/class/thermal/thermal_zone87 # echo 120000 \u003e trip_point_0_temp\n ...\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ...\n Call trace:\n of_thermal_set_trip_temp+0x40/0xc4\n trip_point_temp_store+0xc0/0x1dc\n dev_attr_store+0x38/0x88\n sysfs_kf_write+0x64/0xc0\n kernfs_fop_write_iter+0x108/0x1d0\n vfs_write+0x2f4/0x368\n ksys_write+0x7c/0xec\n __arm64_sys_write+0x20/0x30\n el0_svc_common.llvm.7279915941325364641+0xbc/0x1bc\n do_el0_svc+0x28/0xa0\n el0_svc+0x14/0x24\n el0_sync_handler+0x88/0xec\n el0_sync+0x1c0/0x200\n\nWhile at it, fix the possible NULL pointer dereference in other\nfunctions as well: of_thermal_get_temp(), of_thermal_set_emul_temp(),\nof_thermal_get_trend().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47202",
"url": "https://www.suse.com/security/cve/CVE-2021-47202"
},
{
"category": "external",
"summary": "SUSE Bug 1222878 for CVE-2021-47202",
"url": "https://bugzilla.suse.com/1222878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47202"
},
{
"cve": "CVE-2021-47203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47203"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()\n\nWhen parsing the txq list in lpfc_drain_txq(), the driver attempts to pass\nthe requests to the adapter. If such an attempt fails, a local \"fail_msg\"\nstring is set and a log message output. The job is then added to a\ncompletions list for cancellation.\n\nProcessing of any further jobs from the txq list continues, but since\n\"fail_msg\" remains set, jobs are added to the completions list regardless\nof whether a wqe was passed to the adapter. If successfully added to\ntxcmplq, jobs are added to both lists resulting in list corruption.\n\nFix by clearing the fail_msg string after adding a job to the completions\nlist. This stops the subsequent jobs from being added to the completions\nlist unless they had an appropriate failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47203",
"url": "https://www.suse.com/security/cve/CVE-2021-47203"
},
{
"category": "external",
"summary": "SUSE Bug 1222881 for CVE-2021-47203",
"url": "https://bugzilla.suse.com/1222881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47203"
},
{
"cve": "CVE-2021-47204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dpaa2-eth: fix use-after-free in dpaa2_eth_remove\n\nAccess to netdev after free_netdev() will cause use-after-free bug.\nMove debug log before free_netdev() call to avoid it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47204",
"url": "https://www.suse.com/security/cve/CVE-2021-47204"
},
{
"category": "external",
"summary": "SUSE Bug 1222787 for CVE-2021-47204",
"url": "https://bugzilla.suse.com/1222787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47204"
},
{
"cve": "CVE-2021-47205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: Unregister clocks/resets when unbinding\n\nCurrently, unbinding a CCU driver unmaps the device\u0027s MMIO region, while\nleaving its clocks/resets and their providers registered. This can cause\na page fault later when some clock operation tries to perform MMIO. Fix\nthis by separating the CCU initialization from the memory allocation,\nand then using a devres callback to unregister the clocks and resets.\n\nThis also fixes a memory leak of the `struct ccu_reset`, and uses the\ncorrect owner (the specific platform driver) for the clocks and resets.\n\nEarly OF clock providers are never unregistered, and limited error\nhandling is possible, so they are mostly unchanged. The error reporting\nis made more consistent by moving the message inside of_sunxi_ccu_probe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47205",
"url": "https://www.suse.com/security/cve/CVE-2021-47205"
},
{
"category": "external",
"summary": "SUSE Bug 1222888 for CVE-2021-47205",
"url": "https://bugzilla.suse.com/1222888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47205"
},
{
"cve": "CVE-2021-47207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47207"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: gus: fix null pointer dereference on pointer block\n\nThe pointer block return from snd_gf1_dma_next_block could be\nnull, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47207",
"url": "https://www.suse.com/security/cve/CVE-2021-47207"
},
{
"category": "external",
"summary": "SUSE Bug 1222790 for CVE-2021-47207",
"url": "https://bugzilla.suse.com/1222790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47207"
},
{
"cve": "CVE-2021-47211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47211"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: fix null pointer dereference on pointer cs_desc\n\nThe pointer cs_desc return from snd_usb_find_clock_source could\nbe null, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47211",
"url": "https://www.suse.com/security/cve/CVE-2021-47211"
},
{
"category": "external",
"summary": "SUSE Bug 1222869 for CVE-2021-47211",
"url": "https://bugzilla.suse.com/1222869"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47211"
},
{
"cve": "CVE-2021-47216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: advansys: Fix kernel pointer leak\n\nPointers should be printed with %p or %px rather than cast to \u0027unsigned\nlong\u0027 and printed with %lx.\n\nChange %lx to %p to print the hashed pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47216",
"url": "https://www.suse.com/security/cve/CVE-2021-47216"
},
{
"category": "external",
"summary": "SUSE Bug 1222876 for CVE-2021-47216",
"url": "https://bugzilla.suse.com/1222876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47216"
},
{
"cve": "CVE-2021-47217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47217"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails\n\nCheck for a valid hv_vp_index array prior to derefencing hv_vp_index when\nsetting Hyper-V\u0027s TSC change callback. If Hyper-V setup failed in\nhyperv_init(), the kernel will still report that it\u0027s running under\nHyper-V, but will have silently disabled nearly all functionality.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 4 PID: 1 Comm: swapper/0 Not tainted 5.15.0-rc2+ #75\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:set_hv_tscchange_cb+0x15/0xa0\n Code: \u003c8b\u003e 04 82 8b 15 12 17 85 01 48 c1 e0 20 48 0d ee 00 01 00 f6 c6 08\n ...\n Call Trace:\n kvm_arch_init+0x17c/0x280\n kvm_init+0x31/0x330\n vmx_init+0xba/0x13a\n do_one_initcall+0x41/0x1c0\n kernel_init_freeable+0x1f2/0x23b\n kernel_init+0x16/0x120\n ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47217",
"url": "https://www.suse.com/security/cve/CVE-2021-47217"
},
{
"category": "external",
"summary": "SUSE Bug 1222836 for CVE-2021-47217",
"url": "https://bugzilla.suse.com/1222836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2021-47217"
},
{
"cve": "CVE-2022-0487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0487"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0487",
"url": "https://www.suse.com/security/cve/CVE-2022-0487"
},
{
"category": "external",
"summary": "SUSE Bug 1194516 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1194516"
},
{
"category": "external",
"summary": "SUSE Bug 1195949 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1195949"
},
{
"category": "external",
"summary": "SUSE Bug 1198615 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1198615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2022-0487"
},
{
"cve": "CVE-2022-48619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48619"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48619",
"url": "https://www.suse.com/security/cve/CVE-2022-48619"
},
{
"category": "external",
"summary": "SUSE Bug 1218220 for CVE-2022-48619",
"url": "https://bugzilla.suse.com/1218220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2022-48619"
},
{
"cve": "CVE-2022-48626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48626"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmoxart: fix potential use-after-free on remove path\n\nIt was reported that the mmc host structure could be accessed after it\nwas freed in moxart_remove(), so fix this by saving the base register of\nthe device and using it instead of the pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48626",
"url": "https://www.suse.com/security/cve/CVE-2022-48626"
},
{
"category": "external",
"summary": "SUSE Bug 1220366 for CVE-2022-48626",
"url": "https://bugzilla.suse.com/1220366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2022-48626"
},
{
"cve": "CVE-2022-48636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu-\u003elock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu-\u003elock held.\n\nFix by checking the pavgroup pointer with lcu-\u003elock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48636",
"url": "https://www.suse.com/security/cve/CVE-2022-48636"
},
{
"category": "external",
"summary": "SUSE Bug 1223512 for CVE-2022-48636",
"url": "https://bugzilla.suse.com/1223512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2022-48636"
},
{
"cve": "CVE-2022-48650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()\n\nCommit 8f394da36a36 (\"scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG\")\nmade the __qlt_24xx_handle_abts() function return early if\ntcm_qla2xxx_find_cmd_by_tag() didn\u0027t find a command, but it missed to clean\nup the allocated memory for the management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48650",
"url": "https://www.suse.com/security/cve/CVE-2022-48650"
},
{
"category": "external",
"summary": "SUSE Bug 1223509 for CVE-2022-48650",
"url": "https://bugzilla.suse.com/1223509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2022-48650"
},
{
"cve": "CVE-2022-48651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48651",
"url": "https://www.suse.com/security/cve/CVE-2022-48651"
},
{
"category": "external",
"summary": "SUSE Bug 1223513 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "external",
"summary": "SUSE Bug 1223514 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2022-48651"
},
{
"cve": "CVE-2022-48667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in insert range\n\ninsert range doesn\u0027t discard the affected cached region\nso can risk temporarily corrupting file data.\n\nAlso includes some minor cleanup (avoiding rereading\ninode size repeatedly unnecessarily) to make it clearer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48667",
"url": "https://www.suse.com/security/cve/CVE-2022-48667"
},
{
"category": "external",
"summary": "SUSE Bug 1223518 for CVE-2022-48667",
"url": "https://bugzilla.suse.com/1223518"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2022-48667"
},
{
"cve": "CVE-2022-48668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in collapse range\n\ncollapse range doesn\u0027t discard the affected cached region\nso can risk temporarily corrupting the file data. This\nfixes xfstest generic/031\n\nI also decided to merge a minor cleanup to this into the same patch\n(avoiding rereading inode size repeatedly unnecessarily) to make it\nclearer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48668",
"url": "https://www.suse.com/security/cve/CVE-2022-48668"
},
{
"category": "external",
"summary": "SUSE Bug 1223516 for CVE-2022-48668",
"url": "https://bugzilla.suse.com/1223516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2022-48668"
},
{
"cve": "CVE-2022-48687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix out-of-bounds read when setting HMAC data.\n\nThe SRv6 layer allows defining HMAC data that can later be used to sign IPv6\nSegment Routing Headers. This configuration is realised via netlink through\nfour attributes: SEG6_ATTR_HMACKEYID, SEG6_ATTR_SECRET, SEG6_ATTR_SECRETLEN and\nSEG6_ATTR_ALGID. Because the SECRETLEN attribute is decoupled from the actual\nlength of the SECRET attribute, it is possible to provide invalid combinations\n(e.g., secret = \"\", secretlen = 64). This case is not checked in the code and\nwith an appropriately crafted netlink message, an out-of-bounds read of up\nto 64 bytes (max secret length) can occur past the skb end pointer and into\nskb_shared_info:\n\nBreakpoint 1, seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n208\t\tmemcpy(hinfo-\u003esecret, secret, slen);\n(gdb) bt\n #0 seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n #1 0xffffffff81e012e9 in genl_family_rcv_msg_doit (skb=skb@entry=0xffff88800b1f9f00, nlh=nlh@entry=0xffff88800b1b7600,\n extack=extack@entry=0xffffc90000ba7af0, ops=ops@entry=0xffffc90000ba7a80, hdrlen=4, net=0xffffffff84237580 \u003cinit_net\u003e, family=\u003coptimized out\u003e,\n family=\u003coptimized out\u003e) at net/netlink/genetlink.c:731\n #2 0xffffffff81e01435 in genl_family_rcv_msg (extack=0xffffc90000ba7af0, nlh=0xffff88800b1b7600, skb=0xffff88800b1f9f00,\n family=0xffffffff82fef6c0 \u003cseg6_genl_family\u003e) at net/netlink/genetlink.c:775\n #3 genl_rcv_msg (skb=0xffff88800b1f9f00, nlh=0xffff88800b1b7600, extack=0xffffc90000ba7af0) at net/netlink/genetlink.c:792\n #4 0xffffffff81dfffc3 in netlink_rcv_skb (skb=skb@entry=0xffff88800b1f9f00, cb=cb@entry=0xffffffff81e01350 \u003cgenl_rcv_msg\u003e)\n at net/netlink/af_netlink.c:2501\n #5 0xffffffff81e00919 in genl_rcv (skb=0xffff88800b1f9f00) at net/netlink/genetlink.c:803\n #6 0xffffffff81dff6ae in netlink_unicast_kernel (ssk=0xffff888010eec800, skb=0xffff88800b1f9f00, sk=0xffff888004aed000)\n at net/netlink/af_netlink.c:1319\n #7 netlink_unicast (ssk=ssk@entry=0xffff888010eec800, skb=skb@entry=0xffff88800b1f9f00, portid=portid@entry=0, nonblock=\u003coptimized out\u003e)\n at net/netlink/af_netlink.c:1345\n #8 0xffffffff81dff9a4 in netlink_sendmsg (sock=\u003coptimized out\u003e, msg=0xffffc90000ba7e48, len=\u003coptimized out\u003e) at net/netlink/af_netlink.c:1921\n...\n(gdb) p/x ((struct sk_buff *)0xffff88800b1f9f00)-\u003ehead + ((struct sk_buff *)0xffff88800b1f9f00)-\u003eend\n$1 = 0xffff88800b1b76c0\n(gdb) p/x secret\n$2 = 0xffff88800b1b76c0\n(gdb) p slen\n$3 = 64 \u0027@\u0027\n\nThe OOB data can then be read back from userspace by dumping HMAC state. This\ncommit fixes this by ensuring SECRETLEN cannot exceed the actual length of\nSECRET.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48687",
"url": "https://www.suse.com/security/cve/CVE-2022-48687"
},
{
"category": "external",
"summary": "SUSE Bug 1223952 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "external",
"summary": "SUSE Bug 1224043 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1224043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2022-48687"
},
{
"cve": "CVE-2022-48688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix kernel crash during module removal\n\nThe driver incorrectly frees client instance and subsequent\ni40e module removal leads to kernel crash.\n\nReproducer:\n1. Do ethtool offline test followed immediately by another one\nhost# ethtool -t eth0 offline; ethtool -t eth0 offline\n2. Remove recursively irdma module that also removes i40e module\nhost# modprobe -r irdma\n\nResult:\n[ 8675.035651] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.193774] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.201316] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.358921] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.496921] i40e 0000:3d:00.0: IRDMA hardware initialization FAILED init_state=2 status=-110\n[ 8686.188955] i40e 0000:3d:00.1: i40e_ptp_stop: removed PHC on eno2\n[ 8686.943890] i40e 0000:3d:00.1: Deleted LAN device PF1 bus=0x3d dev=0x00 func=0x01\n[ 8686.952669] i40e 0000:3d:00.0: i40e_ptp_stop: removed PHC on eno1\n[ 8687.761787] BUG: kernel NULL pointer dereference, address: 0000000000000030\n[ 8687.768755] #PF: supervisor read access in kernel mode\n[ 8687.773895] #PF: error_code(0x0000) - not-present page\n[ 8687.779034] PGD 0 P4D 0\n[ 8687.781575] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 8687.785935] CPU: 51 PID: 172891 Comm: rmmod Kdump: loaded Tainted: G W I 5.19.0+ #2\n[ 8687.794800] Hardware name: Intel Corporation S2600WFD/S2600WFD, BIOS SE5C620.86B.0X.02.0001.051420190324 05/14/2019\n[ 8687.805222] RIP: 0010:i40e_lan_del_device+0x13/0xb0 [i40e]\n[ 8687.810719] Code: d4 84 c0 0f 84 b8 25 01 00 e9 9c 25 01 00 41 bc f4 ff ff ff eb 91 90 0f 1f 44 00 00 41 54 55 53 48 8b 87 58 08 00 00 48 89 fb \u003c48\u003e 8b 68 30 48 89 ef e8 21 8a 0f d5 48 89 ef e8 a9 78 0f d5 48 8b\n[ 8687.829462] RSP: 0018:ffffa604072efce0 EFLAGS: 00010202\n[ 8687.834689] RAX: 0000000000000000 RBX: ffff8f43833b2000 RCX: 0000000000000000\n[ 8687.841821] RDX: 0000000000000000 RSI: ffff8f4b0545b298 RDI: ffff8f43833b2000\n[ 8687.848955] RBP: ffff8f43833b2000 R08: 0000000000000001 R09: 0000000000000000\n[ 8687.856086] R10: 0000000000000000 R11: 000ffffffffff000 R12: ffff8f43833b2ef0\n[ 8687.863218] R13: ffff8f43833b2ef0 R14: ffff915103966000 R15: ffff8f43833b2008\n[ 8687.870342] FS: 00007f79501c3740(0000) GS:ffff8f4adffc0000(0000) knlGS:0000000000000000\n[ 8687.878427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8687.884174] CR2: 0000000000000030 CR3: 000000014276e004 CR4: 00000000007706e0\n[ 8687.891306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 8687.898441] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 8687.905572] PKRU: 55555554\n[ 8687.908286] Call Trace:\n[ 8687.910737] \u003cTASK\u003e\n[ 8687.912843] i40e_remove+0x2c0/0x330 [i40e]\n[ 8687.917040] pci_device_remove+0x33/0xa0\n[ 8687.920962] device_release_driver_internal+0x1aa/0x230\n[ 8687.926188] driver_detach+0x44/0x90\n[ 8687.929770] bus_remove_driver+0x55/0xe0\n[ 8687.933693] pci_unregister_driver+0x2a/0xb0\n[ 8687.937967] i40e_exit_module+0xc/0xf48 [i40e]\n\nTwo offline tests cause IRDMA driver failure (ETIMEDOUT) and this\nfailure is indicated back to i40e_client_subtask() that calls\ni40e_client_del_instance() to free client instance referenced\nby pf-\u003ecinst and sets this pointer to NULL. During the module\nremoval i40e_remove() calls i40e_lan_del_device() that dereferences\npf-\u003ecinst that is NULL -\u003e crash.\nDo not remove client instance when client open callbacks fails and\njust clear __I40E_CLIENT_INSTANCE_OPENED bit. The driver also needs\nto take care about this situation (when netdev is up and client\nis NOT opened) in i40e_notify_client_of_netdev_close() and\ncalls client close callback only when __I40E_CLIENT_INSTANCE_OPENED\nis set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48688",
"url": "https://www.suse.com/security/cve/CVE-2022-48688"
},
{
"category": "external",
"summary": "SUSE Bug 1223953 for CVE-2022-48688",
"url": "https://bugzilla.suse.com/1223953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2022-48688"
},
{
"cve": "CVE-2022-48695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix use-after-free warning\n\nFix the following use-after-free warning which is observed during\ncontroller reset:\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48695",
"url": "https://www.suse.com/security/cve/CVE-2022-48695"
},
{
"category": "external",
"summary": "SUSE Bug 1223941 for CVE-2022-48695",
"url": "https://bugzilla.suse.com/1223941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2022-48695"
},
{
"cve": "CVE-2022-48701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()\n\nThere may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and\nthe number of it\u0027s interfaces less than 4, an out-of-bounds read bug occurs\nwhen parsing the interface descriptor for this device.\n\nFix this by checking the number of interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48701",
"url": "https://www.suse.com/security/cve/CVE-2022-48701"
},
{
"category": "external",
"summary": "SUSE Bug 1223921 for CVE-2022-48701",
"url": "https://bugzilla.suse.com/1223921"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "low"
}
],
"title": "CVE-2022-48701"
},
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-28746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28746"
}
],
"notes": [
{
"category": "general",
"text": "Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28746",
"url": "https://www.suse.com/security/cve/CVE-2023-28746"
},
{
"category": "external",
"summary": "SUSE Bug 1213456 for CVE-2023-28746",
"url": "https://bugzilla.suse.com/1213456"
},
{
"category": "external",
"summary": "SUSE Bug 1221323 for CVE-2023-28746",
"url": "https://bugzilla.suse.com/1221323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-28746"
},
{
"cve": "CVE-2023-35827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-35827"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-35827",
"url": "https://www.suse.com/security/cve/CVE-2023-35827"
},
{
"category": "external",
"summary": "SUSE Bug 1212514 for CVE-2023-35827",
"url": "https://bugzilla.suse.com/1212514"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-35827",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-35827",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-35827"
},
{
"cve": "CVE-2023-52454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length\n\nIf the host sends an H2CData command with an invalid DATAL,\nthe kernel may crash in nvmet_tcp_build_pdu_iovec().\n\nUnable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\nlr : nvmet_tcp_io_work+0x6ac/0x718 [nvmet_tcp]\nCall trace:\n process_one_work+0x174/0x3c8\n worker_thread+0x2d0/0x3e8\n kthread+0x104/0x110\n\nFix the bug by raising a fatal error if DATAL isn\u0027t coherent\nwith the packet size.\nAlso, the PDU length should never exceed the MAXH2CDATA parameter which\nhas been communicated to the host in nvmet_tcp_handle_icreq().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52454",
"url": "https://www.suse.com/security/cve/CVE-2023-52454"
},
{
"category": "external",
"summary": "SUSE Bug 1220320 for CVE-2023-52454",
"url": "https://bugzilla.suse.com/1220320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52454"
},
{
"cve": "CVE-2023-52469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/amd/pm: fix a use-after-free in kv_parse_power_table\n\nWhen ps allocated by kzalloc equals to NULL, kv_parse_power_table\nfrees adev-\u003epm.dpm.ps that allocated before. However, after the control\nflow goes through the following call chains:\n\nkv_parse_power_table\n |-\u003e kv_dpm_init\n |-\u003e kv_dpm_sw_init\n\t |-\u003e kv_dpm_fini\n\nThe adev-\u003epm.dpm.ps is used in the for loop of kv_dpm_fini after its\nfirst free in kv_parse_power_table and causes a use-after-free bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52469",
"url": "https://www.suse.com/security/cve/CVE-2023-52469"
},
{
"category": "external",
"summary": "SUSE Bug 1220411 for CVE-2023-52469",
"url": "https://bugzilla.suse.com/1220411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52469"
},
{
"cve": "CVE-2023-52470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\n\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52470",
"url": "https://www.suse.com/security/cve/CVE-2023-52470"
},
{
"category": "external",
"summary": "SUSE Bug 1220413 for CVE-2023-52470",
"url": "https://bugzilla.suse.com/1220413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52470"
},
{
"cve": "CVE-2023-52474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests\n\nhfi1 user SDMA request processing has two bugs that can cause data\ncorruption for user SDMA requests that have multiple payload iovecs\nwhere an iovec other than the tail iovec does not run up to the page\nboundary for the buffer pointed to by that iovec.a\n\nHere are the specific bugs:\n1. user_sdma_txadd() does not use struct user_sdma_iovec-\u003eiov.iov_len.\n Rather, user_sdma_txadd() will add up to PAGE_SIZE bytes from iovec\n to the packet, even if some of those bytes are past\n iovec-\u003eiov.iov_len and are thus not intended to be in the packet.\n2. user_sdma_txadd() and user_sdma_send_pkts() fail to advance to the\n next iovec in user_sdma_request-\u003eiovs when the current iovec\n is not PAGE_SIZE and does not contain enough data to complete the\n packet. The transmitted packet will contain the wrong data from the\n iovec pages.\n\nThis has not been an issue with SDMA packets from hfi1 Verbs or PSM2\nbecause they only produce iovecs that end short of PAGE_SIZE as the tail\niovec of an SDMA request.\n\nFixing these bugs exposes other bugs with the SDMA pin cache\n(struct mmu_rb_handler) that get in way of supporting user SDMA requests\nwith multiple payload iovecs whose buffers do not end at PAGE_SIZE. So\nthis commit fixes those issues as well.\n\nHere are the mmu_rb_handler bugs that non-PAGE_SIZE-end multi-iovec\npayload user SDMA requests can hit:\n1. Overlapping memory ranges in mmu_rb_handler will result in duplicate\n pinnings.\n2. When extending an existing mmu_rb_handler entry (struct mmu_rb_node),\n the mmu_rb code (1) removes the existing entry under a lock, (2)\n releases that lock, pins the new pages, (3) then reacquires the lock\n to insert the extended mmu_rb_node.\n\n If someone else comes in and inserts an overlapping entry between (2)\n and (3), insert in (3) will fail.\n\n The failure path code in this case unpins _all_ pages in either the\n original mmu_rb_node or the new mmu_rb_node that was inserted between\n (2) and (3).\n3. In hfi1_mmu_rb_remove_unless_exact(), mmu_rb_node-\u003erefcount is\n incremented outside of mmu_rb_handler-\u003elock. As a result, mmu_rb_node\n could be evicted by another thread that gets mmu_rb_handler-\u003elock and\n checks mmu_rb_node-\u003erefcount before mmu_rb_node-\u003erefcount is\n incremented.\n4. Related to #2 above, SDMA request submission failure path does not\n check mmu_rb_node-\u003erefcount before freeing mmu_rb_node object.\n\n If there are other SDMA requests in progress whose iovecs have\n pointers to the now-freed mmu_rb_node(s), those pointers to the\n now-freed mmu_rb nodes will be dereferenced when those SDMA requests\n complete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52474",
"url": "https://www.suse.com/security/cve/CVE-2023-52474"
},
{
"category": "external",
"summary": "SUSE Bug 1220445 for CVE-2023-52474",
"url": "https://bugzilla.suse.com/1220445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52474"
},
{
"cve": "CVE-2023-52476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/lbr: Filter vsyscall addresses\n\nWe found that a panic can occur when a vsyscall is made while LBR sampling\nis active. If the vsyscall is interrupted (NMI) for perf sampling, this\ncall sequence can occur (most recent at top):\n\n __insn_get_emulate_prefix()\n insn_get_emulate_prefix()\n insn_get_prefixes()\n insn_get_opcode()\n decode_branch_type()\n get_branch_type()\n intel_pmu_lbr_filter()\n intel_pmu_handle_irq()\n perf_event_nmi_handler()\n\nWithin __insn_get_emulate_prefix() at frame 0, a macro is called:\n\n peek_nbyte_next(insn_byte_t, insn, i)\n\nWithin this macro, this dereference occurs:\n\n (insn)-\u003enext_byte\n\nInspecting registers at this point, the value of the next_byte field is the\naddress of the vsyscall made, for example the location of the vsyscall\nversion of gettimeofday() at 0xffffffffff600000. The access to an address\nin the vsyscall region will trigger an oops due to an unhandled page fault.\n\nTo fix the bug, filtering for vsyscalls can be done when\ndetermining the branch type. This patch will return\na \"none\" branch if a kernel address if found to lie in the\nvsyscall region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52476",
"url": "https://www.suse.com/security/cve/CVE-2023-52476"
},
{
"category": "external",
"summary": "SUSE Bug 1220703 for CVE-2023-52476",
"url": "https://bugzilla.suse.com/1220703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52476"
},
{
"cve": "CVE-2023-52477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: hub: Guard against accesses to uninitialized BOS descriptors\n\nMany functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h\naccess fields inside udev-\u003ebos without checking if it was allocated and\ninitialized. If usb_get_bos_descriptor() fails for whatever\nreason, udev-\u003ebos will be NULL and those accesses will result in a\ncrash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000018\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 5 PID: 17818 Comm: kworker/5:1 Tainted: G W 5.15.108-18910-gab0e1cb584e1 #1 \u003cHASH:1f9e 1\u003e\nHardware name: Google Kindred/Kindred, BIOS Google_Kindred.12672.413.0 02/03/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:hub_port_reset+0x193/0x788\nCode: 89 f7 e8 20 f7 15 00 48 8b 43 08 80 b8 96 03 00 00 03 75 36 0f b7 88 92 03 00 00 81 f9 10 03 00 00 72 27 48 8b 80 a8 03 00 00 \u003c48\u003e 83 78 18 00 74 19 48 89 df 48 8b 75 b0 ba 02 00 00 00 4c 89 e9\nRSP: 0018:ffffab740c53fcf8 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffa1bc5f678000 RCX: 0000000000000310\nRDX: fffffffffffffdff RSI: 0000000000000286 RDI: ffffa1be9655b840\nRBP: ffffab740c53fd70 R08: 00001b7d5edaa20c R09: ffffffffb005e060\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: ffffab740c53fd3e R14: 0000000000000032 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffffa1be96540000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000018 CR3: 000000022e80c005 CR4: 00000000003706e0\nCall Trace:\nhub_event+0x73f/0x156e\n? hub_activate+0x5b7/0x68f\nprocess_one_work+0x1a2/0x487\nworker_thread+0x11a/0x288\nkthread+0x13a/0x152\n? process_one_work+0x487/0x487\n? kthread_associate_blkcg+0x70/0x70\nret_from_fork+0x1f/0x30\n\nFall back to a default behavior if the BOS descriptor isn\u0027t accessible\nand skip all the functionalities that depend on it: LPM support checks,\nSuper Speed capabilitiy checks, U1/U2 states setup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52477",
"url": "https://www.suse.com/security/cve/CVE-2023-52477"
},
{
"category": "external",
"summary": "SUSE Bug 1220790 for CVE-2023-52477",
"url": "https://bugzilla.suse.com/1220790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52477"
},
{
"cve": "CVE-2023-52486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52486"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Don\u0027t unref the same fb many times by mistake due to deadlock handling\n\nIf we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl()\nwe proceed to unref the fb and then retry the whole thing from the top.\nBut we forget to reset the fb pointer back to NULL, and so if we then\nget another error during the retry, before the fb lookup, we proceed\nthe unref the same fb again without having gotten another reference.\nThe end result is that the fb will (eventually) end up being freed\nwhile it\u0027s still in use.\n\nReset fb to NULL once we\u0027ve unreffed it to avoid doing it again\nuntil we\u0027ve done another fb lookup.\n\nThis turned out to be pretty easy to hit on a DG2 when doing async\nflips (and CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y). The first symptom I\nsaw that drm_closefb() simply got stuck in a busy loop while walking\nthe framebuffer list. Fortunately I was able to convince it to oops\ninstead, and from there it was easier to track down the culprit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52486",
"url": "https://www.suse.com/security/cve/CVE-2023-52486"
},
{
"category": "external",
"summary": "SUSE Bug 1221277 for CVE-2023-52486",
"url": "https://bugzilla.suse.com/1221277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52486"
},
{
"cve": "CVE-2023-52488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO\n\nThe SC16IS7XX IC supports a burst mode to access the FIFOs where the\ninitial register address is sent ($00), followed by all the FIFO data\nwithout having to resend the register address each time. In this mode, the\nIC doesn\u0027t increment the register address for each R/W byte.\n\nThe regmap_raw_read() and regmap_raw_write() are functions which can\nperform IO over multiple registers. They are currently used to read/write\nfrom/to the FIFO, and although they operate correctly in this burst mode on\nthe SPI bus, they would corrupt the regmap cache if it was not disabled\nmanually. The reason is that when the R/W size is more than 1 byte, these\nfunctions assume that the register address is incremented and handle the\ncache accordingly.\n\nConvert FIFO R/W functions to use the regmap _noinc_ versions in order to\nremove the manual cache control which was a workaround when using the\n_raw_ versions. FIFO registers are properly declared as volatile so\ncache will not be used/updated for FIFO accesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52488",
"url": "https://www.suse.com/security/cve/CVE-2023-52488"
},
{
"category": "external",
"summary": "SUSE Bug 1221162 for CVE-2023-52488",
"url": "https://bugzilla.suse.com/1221162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52488"
},
{
"cve": "CVE-2023-52509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nravb: Fix use-after-free issue in ravb_tx_timeout_work()\n\nThe ravb_stop() should call cancel_work_sync(). Otherwise,\nravb_tx_timeout_work() is possible to use the freed priv after\nravb_remove() was called like below:\n\nCPU0\t\t\tCPU1\n\t\t\travb_tx_timeout()\nravb_remove()\nunregister_netdev()\nfree_netdev(ndev)\n// free priv\n\t\t\travb_tx_timeout_work()\n\t\t\t// use priv\n\nunregister_netdev() will call .ndo_stop() so that ravb_stop() is\ncalled. And, after phy_stop() is called, netif_carrier_off()\nis also called. So that .ndo_tx_timeout() will not be called\nafter phy_stop().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52509",
"url": "https://www.suse.com/security/cve/CVE-2023-52509"
},
{
"category": "external",
"summary": "SUSE Bug 1220836 for CVE-2023-52509",
"url": "https://bugzilla.suse.com/1220836"
},
{
"category": "external",
"summary": "SUSE Bug 1223290 for CVE-2023-52509",
"url": "https://bugzilla.suse.com/1223290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2023-52509"
},
{
"cve": "CVE-2023-52515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srp: Do not call scsi_done() from srp_abort()\n\nAfter scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler\ncallback, it performs one of the following actions:\n* Call scsi_queue_insert().\n* Call scsi_finish_command().\n* Call scsi_eh_scmd_add().\nHence, SCSI abort handlers must not call scsi_done(). Otherwise all\nthe above actions would trigger a use-after-free. Hence remove the\nscsi_done() call from srp_abort(). Keep the srp_free_req() call\nbefore returning SUCCESS because we may not see the command again if\nSUCCESS is returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52515",
"url": "https://www.suse.com/security/cve/CVE-2023-52515"
},
{
"category": "external",
"summary": "SUSE Bug 1221048 for CVE-2023-52515",
"url": "https://bugzilla.suse.com/1221048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52515"
},
{
"cve": "CVE-2023-52524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: llcp: Add lock when modifying device list\n\nThe device list needs its associated lock held when modifying it, or the\nlist could become corrupted, as syzbot discovered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52524",
"url": "https://www.suse.com/security/cve/CVE-2023-52524"
},
{
"category": "external",
"summary": "SUSE Bug 1220927 for CVE-2023-52524",
"url": "https://bugzilla.suse.com/1220927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52524"
},
{
"cve": "CVE-2023-52528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg\n\nsyzbot reported the following uninit-value access issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\nBUG: KMSAN: uninit-value in smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\nCPU: 0 PID: 8696 Comm: kworker/0:3 Not tainted 5.8.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x21c/0x280 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\n smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\n usbnet_probe+0x1152/0x3f90 drivers/net/usb/usbnet.c:1737\n usb_probe_interface+0xece/0x1550 drivers/usb/core/driver.c:374\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_set_configuration+0x380f/0x3f10 drivers/usb/core/message.c:2032\n usb_generic_driver_probe+0x138/0x300 drivers/usb/core/generic.c:241\n usb_probe_device+0x311/0x490 drivers/usb/core/driver.c:272\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_new_device+0x1bd4/0x2a30 drivers/usb/core/hub.c:2554\n hub_port_connect drivers/usb/core/hub.c:5208 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]\n port_event drivers/usb/core/hub.c:5494 [inline]\n hub_event+0x5e7b/0x8a70 drivers/usb/core/hub.c:5576\n process_one_work+0x1688/0x2140 kernel/workqueue.c:2269\n worker_thread+0x10bc/0x2730 kernel/workqueue.c:2415\n kthread+0x551/0x590 kernel/kthread.c:292\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293\n\nLocal variable ----buf.i87@smsc75xx_bind created at:\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n\nThis issue is caused because usbnet_read_cmd() reads less bytes than requested\n(zero byte in the reproducer). In this case, \u0027buf\u0027 is not properly filled.\n\nThis patch fixes the issue by returning -ENODATA if usbnet_read_cmd() reads\nless bytes than requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52528",
"url": "https://www.suse.com/security/cve/CVE-2023-52528"
},
{
"category": "external",
"summary": "SUSE Bug 1220843 for CVE-2023-52528",
"url": "https://bugzilla.suse.com/1220843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52528"
},
{
"cve": "CVE-2023-52575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52575"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52575",
"url": "https://www.suse.com/security/cve/CVE-2023-52575"
},
{
"category": "external",
"summary": "SUSE Bug 1220871 for CVE-2023-52575",
"url": "https://bugzilla.suse.com/1220871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52575"
},
{
"cve": "CVE-2023-52583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix deadlock or deadcode of misusing dget()\n\nThe lock order is incorrect between denty and its parent, we should\nalways make sure that the parent get the lock first.\n\nBut since this deadcode is never used and the parent dir will always\nbe set from the callers, let\u0027s just remove it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52583",
"url": "https://www.suse.com/security/cve/CVE-2023-52583"
},
{
"category": "external",
"summary": "SUSE Bug 1221058 for CVE-2023-52583",
"url": "https://bugzilla.suse.com/1221058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52583"
},
{
"cve": "CVE-2023-52587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/ipoib: Fix mcast list locking\n\nReleasing the `priv-\u003elock` while iterating the `priv-\u003emulticast_list` in\n`ipoib_mcast_join_task()` opens a window for `ipoib_mcast_dev_flush()` to\nremove the items while in the middle of iteration. If the mcast is removed\nwhile the lock was dropped, the for loop spins forever resulting in a hard\nlockup (as was reported on RHEL 4.18.0-372.75.1.el8_6 kernel):\n\n Task A (kworker/u72:2 below) | Task B (kworker/u72:0 below)\n -----------------------------------+-----------------------------------\n ipoib_mcast_join_task(work) | ipoib_ib_dev_flush_light(work)\n spin_lock_irq(\u0026priv-\u003elock) | __ipoib_ib_dev_flush(priv, ...)\n list_for_each_entry(mcast, | ipoib_mcast_dev_flush(dev = priv-\u003edev)\n \u0026priv-\u003emulticast_list, list) |\n ipoib_mcast_join(dev, mcast) |\n spin_unlock_irq(\u0026priv-\u003elock) |\n | spin_lock_irqsave(\u0026priv-\u003elock, flags)\n | list_for_each_entry_safe(mcast, tmcast,\n | \u0026priv-\u003emulticast_list, list)\n | list_del(\u0026mcast-\u003elist);\n | list_add_tail(\u0026mcast-\u003elist, \u0026remove_list)\n | spin_unlock_irqrestore(\u0026priv-\u003elock, flags)\n spin_lock_irq(\u0026priv-\u003elock) |\n | ipoib_mcast_remove_list(\u0026remove_list)\n (Here, `mcast` is no longer on the | list_for_each_entry_safe(mcast, tmcast,\n `priv-\u003emulticast_list` and we keep | remove_list, list)\n spinning on the `remove_list` of | \u003e\u003e\u003e wait_for_completion(\u0026mcast-\u003edone)\n the other thread which is blocked |\n and the list is still valid on |\n it\u0027s stack.)\n\nFix this by keeping the lock held and changing to GFP_ATOMIC to prevent\neventual sleeps.\nUnfortunately we could not reproduce the lockup and confirm this fix but\nbased on the code review I think this fix should address such lockups.\n\ncrash\u003e bc 31\nPID: 747 TASK: ff1c6a1a007e8000 CPU: 31 COMMAND: \"kworker/u72:2\"\n--\n [exception RIP: ipoib_mcast_join_task+0x1b1]\n RIP: ffffffffc0944ac1 RSP: ff646f199a8c7e00 RFLAGS: 00000002\n RAX: 0000000000000000 RBX: ff1c6a1a04dc82f8 RCX: 0000000000000000\n work (\u0026priv-\u003emcast_task{,.work})\n RDX: ff1c6a192d60ac68 RSI: 0000000000000286 RDI: ff1c6a1a04dc8000\n \u0026mcast-\u003elist\n RBP: ff646f199a8c7e90 R8: ff1c699980019420 R9: ff1c6a1920c9a000\n R10: ff646f199a8c7e00 R11: ff1c6a191a7d9800 R12: ff1c6a192d60ac00\n mcast\n R13: ff1c6a1d82200000 R14: ff1c6a1a04dc8000 R15: ff1c6a1a04dc82d8\n dev priv (\u0026priv-\u003elock) \u0026priv-\u003emulticast_list (aka head)\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n--- \u003cNMI exception stack\u003e ---\n #5 [ff646f199a8c7e00] ipoib_mcast_join_task+0x1b1 at ffffffffc0944ac1 [ib_ipoib]\n #6 [ff646f199a8c7e98] process_one_work+0x1a7 at ffffffff9bf10967\n\ncrash\u003e rx ff646f199a8c7e68\nff646f199a8c7e68: ff1c6a1a04dc82f8 \u003c\u003c\u003c work = \u0026priv-\u003emcast_task.work\n\ncrash\u003e list -hO ipoib_dev_priv.multicast_list ff1c6a1a04dc8000\n(empty)\n\ncrash\u003e ipoib_dev_priv.mcast_task.work.func,mcast_mutex.owner.counter ff1c6a1a04dc8000\n mcast_task.work.func = 0xffffffffc0944910 \u003cipoib_mcast_join_task\u003e,\n mcast_mutex.owner.counter = 0xff1c69998efec000\n\ncrash\u003e b 8\nPID: 8 TASK: ff1c69998efec000 CPU: 33 COMMAND: \"kworker/u72:0\"\n--\n #3 [ff646f1980153d50] wait_for_completion+0x96 at ffffffff9c7d7646\n #4 [ff646f1980153d90] ipoib_mcast_remove_list+0x56 at ffffffffc0944dc6 [ib_ipoib]\n #5 [ff646f1980153de8] ipoib_mcast_dev_flush+0x1a7 at ffffffffc09455a7 [ib_ipoib]\n #6 [ff646f1980153e58] __ipoib_ib_dev_flush+0x1a4 at ffffffffc09431a4 [ib_ipoib]\n #7 [ff\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52587",
"url": "https://www.suse.com/security/cve/CVE-2023-52587"
},
{
"category": "external",
"summary": "SUSE Bug 1221082 for CVE-2023-52587",
"url": "https://bugzilla.suse.com/1221082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52587"
},
{
"cve": "CVE-2023-52590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change ocfs2 rename code to avoid touching renamed directory if\nits parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52590",
"url": "https://www.suse.com/security/cve/CVE-2023-52590"
},
{
"category": "external",
"summary": "SUSE Bug 1221088 for CVE-2023-52590",
"url": "https://bugzilla.suse.com/1221088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52590"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rt2x00: restart beacon queue when hardware reset\n\nWhen a hardware reset is triggered, all registers are reset, so all\nqueues are forced to stop in hardware interface. However, mac80211\nwill not automatically stop the queue. If we don\u0027t manually stop the\nbeacon queue, the queue will be deadlocked and unable to start again.\nThis patch fixes the issue where Apple devices cannot connect to the\nAP after calling ieee80211_restart_hw().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52595",
"url": "https://www.suse.com/security/cve/CVE-2023-52595"
},
{
"category": "external",
"summary": "SUSE Bug 1221046 for CVE-2023-52595",
"url": "https://bugzilla.suse.com/1221046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52595"
},
{
"cve": "CVE-2023-52598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ptrace: handle setting of fpc register correctly\n\nIf the content of the floating point control (fpc) register of a traced\nprocess is modified with the ptrace interface the new value is tested for\nvalidity by temporarily loading it into the fpc register.\n\nThis may lead to corruption of the fpc register of the tracing process:\nif an interrupt happens while the value is temporarily loaded into the\nfpc register, and within interrupt context floating point or vector\nregisters are used, the current fp/vx registers are saved with\nsave_fpu_regs() assuming they belong to user space and will be loaded into\nfp/vx registers when returning to user space.\n\ntest_fp_ctl() restores the original user space fpc register value, however\nit will be discarded, when returning to user space.\n\nIn result the tracer will incorrectly continue to run with the value that\nwas supposed to be used for the traced process.\n\nFix this by saving fpu register contents with save_fpu_regs() before using\ntest_fp_ctl().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52598",
"url": "https://www.suse.com/security/cve/CVE-2023-52598"
},
{
"category": "external",
"summary": "SUSE Bug 1221060 for CVE-2023-52598",
"url": "https://bugzilla.suse.com/1221060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52598"
},
{
"cve": "CVE-2023-52607",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52607"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/mm: Fix null-pointer dereference in pgtable_cache_add\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52607",
"url": "https://www.suse.com/security/cve/CVE-2023-52607"
},
{
"category": "external",
"summary": "SUSE Bug 1221061 for CVE-2023-52607",
"url": "https://bugzilla.suse.com/1221061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52607"
},
{
"cve": "CVE-2023-52614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don\u0027t have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52614",
"url": "https://www.suse.com/security/cve/CVE-2023-52614"
},
{
"category": "external",
"summary": "SUSE Bug 1221617 for CVE-2023-52614",
"url": "https://bugzilla.suse.com/1221617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52614"
},
{
"cve": "CVE-2023-52620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52620"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow timeout for anonymous sets\n\nNever used from userspace, disallow these parameters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52620",
"url": "https://www.suse.com/security/cve/CVE-2023-52620"
},
{
"category": "external",
"summary": "SUSE Bug 1221825 for CVE-2023-52620",
"url": "https://bugzilla.suse.com/1221825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52620"
},
{
"cve": "CVE-2023-52628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52628"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nftables: exthdr: fix 4-byte stack OOB write\n\nIf priv-\u003elen is a multiple of 4, then dst[len / 4] can write past\nthe destination array which leads to stack corruption.\n\nThis construct is necessary to clean the remainder of the register\nin case -\u003elen is NOT a multiple of the register size, so make it\nconditional just like nft_payload.c does.\n\nThe bug was added in 4.1 cycle and then copied/inherited when\ntcp/sctp and ip option support was added.\n\nBug reported by Zero Day Initiative project (ZDI-CAN-21950,\nZDI-CAN-21951, ZDI-CAN-21961).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52628",
"url": "https://www.suse.com/security/cve/CVE-2023-52628"
},
{
"category": "external",
"summary": "SUSE Bug 1222117 for CVE-2023-52628",
"url": "https://bugzilla.suse.com/1222117"
},
{
"category": "external",
"summary": "SUSE Bug 1222118 for CVE-2023-52628",
"url": "https://bugzilla.suse.com/1222118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2023-52628"
},
{
"cve": "CVE-2023-52635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Synchronize devfreq_monitor_[start/stop]\n\nThere is a chance if a frequent switch of the governor\ndone in a loop result in timer list corruption where\ntimer cancel being done from two place one from\ncancel_delayed_work_sync() and followed by expire_timers()\ncan be seen from the traces[1].\n\nwhile true\ndo\n echo \"simple_ondemand\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\n echo \"performance\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\ndone\n\nIt looks to be issue with devfreq driver where\ndevice_monitor_[start/stop] need to synchronized so that\ndelayed work should get corrupted while it is either\nbeing queued or running or being cancelled.\n\nLet\u0027s use polling flag and devfreq lock to synchronize the\nqueueing the timer instance twice and work data being\ncorrupted.\n\n[1]\n...\n..\n\u003cidle\u003e-0 [003] 9436.209662: timer_cancel timer=0xffffff80444f0428\n\u003cidle\u003e-0 [003] 9436.209664: timer_expire_entry timer=0xffffff80444f0428 now=0x10022da1c function=__typeid__ZTSFvP10timer_listE_global_addr baseclk=0x10022da1c\n\u003cidle\u003e-0 [003] 9436.209718: timer_expire_exit timer=0xffffff80444f0428\nkworker/u16:6-14217 [003] 9436.209863: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2b now=0x10022da1c flags=182452227\nvendor.xxxyyy.ha-1593 [004] 9436.209888: timer_cancel timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216390: timer_init timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216392: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2c now=0x10022da1d flags=186646532\nvendor.xxxyyy.ha-1593 [005] 9436.220992: timer_cancel timer=0xffffff80444f0428\nxxxyyyTraceManag-7795 [004] 9436.261641: timer_cancel timer=0xffffff80444f0428\n\n[2]\n\n 9436.261653][ C4] Unable to handle kernel paging request at virtual address dead00000000012a\n[ 9436.261664][ C4] Mem abort info:\n[ 9436.261666][ C4] ESR = 0x96000044\n[ 9436.261669][ C4] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 9436.261671][ C4] SET = 0, FnV = 0\n[ 9436.261673][ C4] EA = 0, S1PTW = 0\n[ 9436.261675][ C4] Data abort info:\n[ 9436.261677][ C4] ISV = 0, ISS = 0x00000044\n[ 9436.261680][ C4] CM = 0, WnR = 1\n[ 9436.261682][ C4] [dead00000000012a] address between user and kernel address ranges\n[ 9436.261685][ C4] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 9436.261701][ C4] Skip md ftrace buffer dump for: 0x3a982d0\n...\n\n[ 9436.262138][ C4] CPU: 4 PID: 7795 Comm: TraceManag Tainted: G S W O 5.10.149-android12-9-o-g17f915d29d0c #1\n[ 9436.262141][ C4] Hardware name: Qualcomm Technologies, Inc. (DT)\n[ 9436.262144][ C4] pstate: 22400085 (nzCv daIf +PAN -UAO +TCO BTYPE=--)\n[ 9436.262161][ C4] pc : expire_timers+0x9c/0x438\n[ 9436.262164][ C4] lr : expire_timers+0x2a4/0x438\n[ 9436.262168][ C4] sp : ffffffc010023dd0\n[ 9436.262171][ C4] x29: ffffffc010023df0 x28: ffffffd0636fdc18\n[ 9436.262178][ C4] x27: ffffffd063569dd0 x26: ffffffd063536008\n[ 9436.262182][ C4] x25: 0000000000000001 x24: ffffff88f7c69280\n[ 9436.262185][ C4] x23: 00000000000000e0 x22: dead000000000122\n[ 9436.262188][ C4] x21: 000000010022da29 x20: ffffff8af72b4e80\n[ 9436.262191][ C4] x19: ffffffc010023e50 x18: ffffffc010025038\n[ 9436.262195][ C4] x17: 0000000000000240 x16: 0000000000000201\n[ 9436.262199][ C4] x15: ffffffffffffffff x14: ffffff889f3c3100\n[ 9436.262203][ C4] x13: ffffff889f3c3100 x12: 00000000049f56b8\n[ 9436.262207][ C4] x11: 00000000049f56b8 x10: 00000000ffffffff\n[ 9436.262212][ C4] x9 : ffffffc010023e50 x8 : dead000000000122\n[ 9436.262216][ C4] x7 : ffffffffffffffff x6 : ffffffc0100239d8\n[ 9436.262220][ C4] x5 : 0000000000000000 x4 : 0000000000000101\n[ 9436.262223][ C4] x3 : 0000000000000080 x2 : ffffff8\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52635",
"url": "https://www.suse.com/security/cve/CVE-2023-52635"
},
{
"category": "external",
"summary": "SUSE Bug 1222294 for CVE-2023-52635",
"url": "https://bugzilla.suse.com/1222294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52635"
},
{
"cve": "CVE-2023-52639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: vsie: fix race during shadow creation\n\nRight now it is possible to see gmap-\u003eprivate being zero in\nkvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the\nfact that we add gmap-\u003eprivate == kvm after creation:\n\nstatic int acquire_gmap_shadow(struct kvm_vcpu *vcpu,\n struct vsie_page *vsie_page)\n{\n[...]\n gmap = gmap_shadow(vcpu-\u003earch.gmap, asce, edat);\n if (IS_ERR(gmap))\n return PTR_ERR(gmap);\n gmap-\u003eprivate = vcpu-\u003ekvm;\n\nLet children inherit the private field of the parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52639",
"url": "https://www.suse.com/security/cve/CVE-2023-52639"
},
{
"category": "external",
"summary": "SUSE Bug 1222300 for CVE-2023-52639",
"url": "https://bugzilla.suse.com/1222300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52639"
},
{
"cve": "CVE-2023-52644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled\n\nWhen QoS is disabled, the queue priority value will not map to the correct\nieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS\nis disabled to prevent trying to stop/wake a non-existent queue and failing\nto stop/wake the actual queue instantiated.\n\nLog of issue before change (with kernel parameter qos=0):\n [ +5.112651] ------------[ cut here ]------------\n [ +0.000005] WARNING: CPU: 7 PID: 25513 at net/mac80211/util.c:449 __ieee80211_wake_queue+0xd5/0x180 [mac80211]\n [ +0.000067] Modules linked in: b43(O) snd_seq_dummy snd_hrtimer snd_seq snd_seq_device nft_chain_nat xt_MASQUERADE nf_nat xfrm_user xfrm_algo xt_addrtype overlay ccm af_packet amdgpu snd_hda_codec_cirrus snd_hda_codec_generic ledtrig_audio drm_exec amdxcp gpu_sched xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip6t_rpfilter ipt_rpfilter xt_pkttype xt_LOG nf_log_syslog xt_tcpudp nft_compat nf_tables nfnetlink sch_fq_codel btusb uinput iTCO_wdt ctr btrtl intel_pmc_bxt i915 intel_rapl_msr mei_hdcp mei_pxp joydev at24 watchdog btintel atkbd libps2 serio radeon btbcm vivaldi_fmap btmtk intel_rapl_common snd_hda_codec_hdmi bluetooth uvcvideo nls_iso8859_1 applesmc nls_cp437 x86_pkg_temp_thermal snd_hda_intel intel_powerclamp vfat videobuf2_vmalloc coretemp fat snd_intel_dspcfg crc32_pclmul uvc polyval_clmulni snd_intel_sdw_acpi loop videobuf2_memops snd_hda_codec tun drm_suballoc_helper polyval_generic drm_ttm_helper drm_buddy tap ecdh_generic videobuf2_v4l2 gf128mul macvlan ttm ghash_clmulni_intel ecc tg3\n [ +0.000044] videodev bridge snd_hda_core rapl crc16 drm_display_helper cec mousedev snd_hwdep evdev intel_cstate bcm5974 hid_appleir videobuf2_common stp mac_hid libphy snd_pcm drm_kms_helper acpi_als mei_me intel_uncore llc mc snd_timer intel_gtt industrialio_triggered_buffer apple_mfi_fastcharge i2c_i801 mei snd lpc_ich agpgart ptp i2c_smbus thunderbolt apple_gmux i2c_algo_bit kfifo_buf video industrialio soundcore pps_core wmi tiny_power_button sbs sbshc button ac cordic bcma mac80211 cfg80211 ssb rfkill libarc4 kvm_intel kvm drm irqbypass fuse backlight firmware_class efi_pstore configfs efivarfs dmi_sysfs ip_tables x_tables autofs4 dm_crypt cbc encrypted_keys trusted asn1_encoder tee tpm rng_core input_leds hid_apple led_class hid_generic usbhid hid sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif crct10dif_generic ahci libahci libata uhci_hcd ehci_pci ehci_hcd crct10dif_pclmul crct10dif_common sha512_ssse3 sha512_generic sha256_ssse3 sha1_ssse3 aesni_intel usbcore scsi_mod libaes crypto_simd cryptd scsi_common\n [ +0.000055] usb_common rtc_cmos btrfs blake2b_generic libcrc32c crc32c_generic crc32c_intel xor raid6_pq dm_snapshot dm_bufio dm_mod dax [last unloaded: b43(O)]\n [ +0.000009] CPU: 7 PID: 25513 Comm: irq/17-b43 Tainted: G W O 6.6.7 #1-NixOS\n [ +0.000003] Hardware name: Apple Inc. MacBookPro8,3/Mac-942459F5819B171B, BIOS 87.0.0.0.0 06/13/2019\n [ +0.000001] RIP: 0010:__ieee80211_wake_queue+0xd5/0x180 [mac80211]\n [ +0.000046] Code: 00 45 85 e4 0f 85 9b 00 00 00 48 8d bd 40 09 00 00 f0 48 0f ba ad 48 09 00 00 00 72 0f 5b 5d 41 5c 41 5d 41 5e e9 cb 6d 3c d0 \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e c3 cc cc cc cc 48 8d b4 16 94 00 00\n [ +0.000002] RSP: 0018:ffffc90003c77d60 EFLAGS: 00010097\n [ +0.000001] RAX: 0000000000000001 RBX: 0000000000000002 RCX: 0000000000000000\n [ +0.000001] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff88820b924900\n [ +0.000002] RBP: ffff88820b924900 R08: ffffc90003c77d90 R09: 000000000003bfd0\n [ +0.000001] R10: ffff88820b924900 R11: ffffc90003c77c68 R12: 0000000000000000\n [ +0.000001] R13: 0000000000000000 R14: ffffc90003c77d90 R15: ffffffffc0fa6f40\n [ +0.000001] FS: 0000000000000000(0000) GS:ffff88846fb80000(0000) knlGS:0000000000000000\n [ +0.000001] CS: 0010 DS: 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52644",
"url": "https://www.suse.com/security/cve/CVE-2023-52644"
},
{
"category": "external",
"summary": "SUSE Bug 1222961 for CVE-2023-52644",
"url": "https://bugzilla.suse.com/1222961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52644"
},
{
"cve": "CVE-2023-52646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix mremap after fork null-deref\n\nCommit e4a0d3e720e7 (\"aio: Make it possible to remap aio ring\") introduced\na null-deref if mremap is called on an old aio mapping after fork as\nmm-\u003eioctx_table will be set to NULL.\n\n[jmoyer@redhat.com: fix 80 column issue]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52646",
"url": "https://www.suse.com/security/cve/CVE-2023-52646"
},
{
"category": "external",
"summary": "SUSE Bug 1223432 for CVE-2023-52646",
"url": "https://bugzilla.suse.com/1223432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: dsi: Add missing check for of_find_device_by_node\n\nAdd check for the return value of of_find_device_by_node() and return\nthe error if it fails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52650",
"url": "https://www.suse.com/security/cve/CVE-2023-52650"
},
{
"category": "external",
"summary": "SUSE Bug 1223770 for CVE-2023-52650",
"url": "https://bugzilla.suse.com/1223770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52650"
},
{
"cve": "CVE-2023-52652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNTB: fix possible name leak in ntb_register_device()\n\nIf device_register() fails in ntb_register_device(), the device name\nallocated by dev_set_name() should be freed. As per the comment in\ndevice_register(), callers should use put_device() to give up the\nreference in the error path. So fix this by calling put_device() in the\nerror path so that the name can be freed in kobject_cleanup().\n\nAs a result of this, put_device() in the error path of\nntb_register_device() is removed and the actual error is returned.\n\n[mani: reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52652",
"url": "https://www.suse.com/security/cve/CVE-2023-52652"
},
{
"category": "external",
"summary": "SUSE Bug 1223686 for CVE-2023-52652",
"url": "https://bugzilla.suse.com/1223686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52652"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-6270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6270"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6270",
"url": "https://www.suse.com/security/cve/CVE-2023-6270"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1218813 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218813"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-6270"
},
{
"cve": "CVE-2023-6356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6356"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6356",
"url": "https://www.suse.com/security/cve/CVE-2023-6356"
},
{
"category": "external",
"summary": "SUSE Bug 1217987 for CVE-2023-6356",
"url": "https://bugzilla.suse.com/1217987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-6356"
},
{
"cve": "CVE-2023-6535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6535"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6535",
"url": "https://www.suse.com/security/cve/CVE-2023-6535"
},
{
"category": "external",
"summary": "SUSE Bug 1217988 for CVE-2023-6535",
"url": "https://bugzilla.suse.com/1217988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-6535"
},
{
"cve": "CVE-2023-6536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6536"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6536",
"url": "https://www.suse.com/security/cve/CVE-2023-6536"
},
{
"category": "external",
"summary": "SUSE Bug 1217989 for CVE-2023-6536",
"url": "https://bugzilla.suse.com/1217989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-6536"
},
{
"cve": "CVE-2023-7042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7042"
}
],
"notes": [
{
"category": "general",
"text": "A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7042",
"url": "https://www.suse.com/security/cve/CVE-2023-7042"
},
{
"category": "external",
"summary": "SUSE Bug 1218336 for CVE-2023-7042",
"url": "https://bugzilla.suse.com/1218336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-7042"
},
{
"cve": "CVE-2023-7192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7192"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7192",
"url": "https://www.suse.com/security/cve/CVE-2023-7192"
},
{
"category": "external",
"summary": "SUSE Bug 1218479 for CVE-2023-7192",
"url": "https://bugzilla.suse.com/1218479"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-7192",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-7192"
},
{
"cve": "CVE-2024-2201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2201"
}
],
"notes": [
{
"category": "general",
"text": "A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2201",
"url": "https://www.suse.com/security/cve/CVE-2024-2201"
},
{
"category": "external",
"summary": "SUSE Bug 1212111 for CVE-2024-2201",
"url": "https://bugzilla.suse.com/1212111"
},
{
"category": "external",
"summary": "SUSE Bug 1217339 for CVE-2024-2201",
"url": "https://bugzilla.suse.com/1217339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-2201"
},
{
"cve": "CVE-2024-22099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-22099"
}
],
"notes": [
{
"category": "general",
"text": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-22099",
"url": "https://www.suse.com/security/cve/CVE-2024-22099"
},
{
"category": "external",
"summary": "SUSE Bug 1219170 for CVE-2024-22099",
"url": "https://bugzilla.suse.com/1219170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-22099"
},
{
"cve": "CVE-2024-23307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23307"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23307",
"url": "https://www.suse.com/security/cve/CVE-2024-23307"
},
{
"category": "external",
"summary": "SUSE Bug 1219169 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "external",
"summary": "SUSE Bug 1220145 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1220145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-23848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23848",
"url": "https://www.suse.com/security/cve/CVE-2024-23848"
},
{
"category": "external",
"summary": "SUSE Bug 1219104 for CVE-2024-23848",
"url": "https://bugzilla.suse.com/1219104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-23848"
},
{
"cve": "CVE-2024-24855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24855"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24855",
"url": "https://www.suse.com/security/cve/CVE-2024-24855"
},
{
"category": "external",
"summary": "SUSE Bug 1219618 for CVE-2024-24855",
"url": "https://bugzilla.suse.com/1219618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-24855"
},
{
"cve": "CVE-2024-24861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24861"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24861",
"url": "https://www.suse.com/security/cve/CVE-2024-24861"
},
{
"category": "external",
"summary": "SUSE Bug 1219623 for CVE-2024-24861",
"url": "https://bugzilla.suse.com/1219623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-24861"
},
{
"cve": "CVE-2024-26614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: make sure init the accept_queue\u0027s spinlocks once\n\nWhen I run syz\u0027s reproduction C program locally, it causes the following\nissue:\npvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!\nWARNING: CPU: 19 PID: 21160 at __pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nRIP: 0010:__pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nCode: 73 56 3a ff 90 c3 cc cc cc cc 8b 05 bb 1f 48 01 85 c0 74 05 c3 cc cc cc cc 8b 17 48 89 fe 48 c7 c7\n30 20 ce 8f e8 ad 56 42 ff \u003c0f\u003e 0b c3 cc cc cc cc 0f 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffa8d200604cb8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff9d1ef60e0908\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9d1ef60e0900\nRBP: ffff9d181cd5c280 R08: 0000000000000000 R09: 00000000ffff7fff\nR10: ffffa8d200604b68 R11: ffffffff907dcdc8 R12: 0000000000000000\nR13: ffff9d181cd5c660 R14: ffff9d1813a3f330 R15: 0000000000001000\nFS: 00007fa110184640(0000) GS:ffff9d1ef60c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000000 CR3: 000000011f65e000 CR4: 00000000000006f0\nCall Trace:\n\u003cIRQ\u003e\n _raw_spin_unlock (kernel/locking/spinlock.c:186)\n inet_csk_reqsk_queue_add (net/ipv4/inet_connection_sock.c:1321)\n inet_csk_complete_hashdance (net/ipv4/inet_connection_sock.c:1358)\n tcp_check_req (net/ipv4/tcp_minisocks.c:868)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2260)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205)\n ip_local_deliver_finish (net/ipv4/ip_input.c:234)\n __netif_receive_skb_one_core (net/core/dev.c:5529)\n process_backlog (./include/linux/rcupdate.h:779)\n __napi_poll (net/core/dev.c:6533)\n net_rx_action (net/core/dev.c:6604)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27)\n do_softirq (kernel/softirq.c:454 kernel/softirq.c:441)\n\u003c/IRQ\u003e\n\u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4374)\n ip_finish_output2 (./include/net/neighbour.h:540 net/ipv4/ip_output.c:235)\n __ip_queue_xmit (net/ipv4/ip_output.c:535)\n __tcp_transmit_skb (net/ipv4/tcp_output.c:1462)\n tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6469)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6657)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929)\n __release_sock (./include/net/sock.h:1121 net/core/sock.c:2968)\n release_sock (net/core/sock.c:3536)\n inet_wait_for_connect (net/ipv4/af_inet.c:609)\n __inet_stream_connect (net/ipv4/af_inet.c:702)\n inet_stream_connect (net/ipv4/af_inet.c:748)\n __sys_connect (./include/linux/file.h:45 net/socket.c:2064)\n __x64_sys_connect (net/socket.c:2073 net/socket.c:2070 net/socket.c:2070)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n RIP: 0033:0x7fa10ff05a3d\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89\n c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ab a3 0e 00 f7 d8 64 89 01 48\n RSP: 002b:00007fa110183de8 EFLAGS: 00000202 ORIG_RAX: 000000000000002a\n RAX: ffffffffffffffda RBX: 0000000020000054 RCX: 00007fa10ff05a3d\n RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\n RBP: 00007fa110183e20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fa110184640\n R13: 0000000000000000 R14: 00007fa10fe8b060 R15: 00007fff73e23b20\n\u003c/TASK\u003e\n\nThe issue triggering process is analyzed as follows:\nThread A Thread B\ntcp_v4_rcv\t//receive ack TCP packet inet_shutdown\n tcp_check_req tcp_disconnect //disconnect sock\n ... tcp_set_state(sk, TCP_CLOSE)\n inet_csk_complete_hashdance ...\n inet_csk_reqsk_queue_add \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26614",
"url": "https://www.suse.com/security/cve/CVE-2024-26614"
},
{
"category": "external",
"summary": "SUSE Bug 1221293 for CVE-2024-26614",
"url": "https://bugzilla.suse.com/1221293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26614"
},
{
"cve": "CVE-2024-26642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26642"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26642",
"url": "https://www.suse.com/security/cve/CVE-2024-26642"
},
{
"category": "external",
"summary": "SUSE Bug 1221830 for CVE-2024-26642",
"url": "https://bugzilla.suse.com/1221830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26642"
},
{
"cve": "CVE-2024-26651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsr9800: Add check for usbnet_get_endpoints\n\nAdd check for usbnet_get_endpoints() and return the error if it fails\nin order to transfer the error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26651",
"url": "https://www.suse.com/security/cve/CVE-2024-26651"
},
{
"category": "external",
"summary": "SUSE Bug 1221337 for CVE-2024-26651",
"url": "https://bugzilla.suse.com/1221337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26651"
},
{
"cve": "CVE-2024-26671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26671",
"url": "https://www.suse.com/security/cve/CVE-2024-26671"
},
{
"category": "external",
"summary": "SUSE Bug 1222357 for CVE-2024-26671",
"url": "https://bugzilla.suse.com/1222357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26671"
},
{
"cve": "CVE-2024-26675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp_async: limit MRU to 64K\n\nsyzbot triggered a warning [1] in __alloc_pages():\n\nWARN_ON_ONCE_GFP(order \u003e MAX_PAGE_ORDER, gfp)\n\nWillem fixed a similar issue in commit c0a2a1b0d631 (\"ppp: limit MRU to 64K\")\n\nAdopt the same sanity check for ppp_async_ioctl(PPPIOCSMRU)\n\n[1]:\n\n WARNING: CPU: 1 PID: 11 at mm/page_alloc.c:4543 __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\nModules linked in:\nCPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted 6.8.0-rc2-syzkaller-g41bccc98fb79 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: events_unbound flush_to_ldisc\npstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n lr : __alloc_pages+0xc8/0x698 mm/page_alloc.c:4537\nsp : ffff800093967580\nx29: ffff800093967660 x28: ffff8000939675a0 x27: dfff800000000000\nx26: ffff70001272ceb4 x25: 0000000000000000 x24: ffff8000939675c0\nx23: 0000000000000000 x22: 0000000000060820 x21: 1ffff0001272ceb8\nx20: ffff8000939675e0 x19: 0000000000000010 x18: ffff800093967120\nx17: ffff800083bded5c x16: ffff80008ac97500 x15: 0000000000000005\nx14: 1ffff0001272cebc x13: 0000000000000000 x12: 0000000000000000\nx11: ffff70001272cec1 x10: 1ffff0001272cec0 x9 : 0000000000000001\nx8 : ffff800091c91000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 00000000ffffffff x4 : 0000000000000000 x3 : 0000000000000020\nx2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff8000939675e0\nCall trace:\n __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n __kmalloc_large_node+0xbc/0x1fc mm/slub.c:3926\n __do_kmalloc_node mm/slub.c:3969 [inline]\n __kmalloc_node_track_caller+0x418/0x620 mm/slub.c:4001\n kmalloc_reserve+0x17c/0x23c net/core/skbuff.c:590\n __alloc_skb+0x1c8/0x3d8 net/core/skbuff.c:651\n __netdev_alloc_skb+0xb8/0x3e8 net/core/skbuff.c:715\n netdev_alloc_skb include/linux/skbuff.h:3235 [inline]\n dev_alloc_skb include/linux/skbuff.h:3248 [inline]\n ppp_async_input drivers/net/ppp/ppp_async.c:863 [inline]\n ppp_asynctty_receive+0x588/0x186c drivers/net/ppp/ppp_async.c:341\n tty_ldisc_receive_buf+0x12c/0x15c drivers/tty/tty_buffer.c:390\n tty_port_default_receive_buf+0x74/0xac drivers/tty/tty_port.c:37\n receive_buf drivers/tty/tty_buffer.c:444 [inline]\n flush_to_ldisc+0x284/0x6e4 drivers/tty/tty_buffer.c:494\n process_one_work+0x694/0x1204 kernel/workqueue.c:2633\n process_scheduled_works kernel/workqueue.c:2706 [inline]\n worker_thread+0x938/0xef4 kernel/workqueue.c:2787\n kthread+0x288/0x310 kernel/kthread.c:388\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26675",
"url": "https://www.suse.com/security/cve/CVE-2024-26675"
},
{
"category": "external",
"summary": "SUSE Bug 1222379 for CVE-2024-26675",
"url": "https://bugzilla.suse.com/1222379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26675"
},
{
"cve": "CVE-2024-26689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: prevent use-after-free in encode_cap_msg()\n\nIn fs/ceph/caps.c, in encode_cap_msg(), \"use after free\" error was\ncaught by KASAN at this line - \u0027ceph_buffer_get(arg-\u003exattr_buf);\u0027. This\nimplies before the refcount could be increment here, it was freed.\n\nIn same file, in \"handle_cap_grant()\" refcount is decremented by this\nline - \u0027ceph_buffer_put(ci-\u003ei_xattrs.blob);\u0027. It appears that a race\noccurred and resource was freed by the latter line before the former\nline could increment it.\n\nencode_cap_msg() is called by __send_cap() and __send_cap() is called by\nceph_check_caps() after calling __prep_cap(). __prep_cap() is where\narg-\u003exattr_buf is assigned to ci-\u003ei_xattrs.blob. This is the spot where\nthe refcount must be increased to prevent \"use after free\" error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26689",
"url": "https://www.suse.com/security/cve/CVE-2024-26689"
},
{
"category": "external",
"summary": "SUSE Bug 1222503 for CVE-2024-26689",
"url": "https://bugzilla.suse.com/1222503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26689"
},
{
"cve": "CVE-2024-26704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double-free of blocks due to wrong extents moved_len\n\nIn ext4_move_extents(), moved_len is only updated when all moves are\nsuccessfully executed, and only discards orig_inode and donor_inode\npreallocations when moved_len is not zero. When the loop fails to exit\nafter successfully moving some extents, moved_len is not updated and\nremains at 0, so it does not discard the preallocations.\n\nIf the moved extents overlap with the preallocated extents, the\noverlapped extents are freed twice in ext4_mb_release_inode_pa() and\next4_process_freed_data() (as described in commit 94d7c16cbbbd (\"ext4:\nFix double-free of blocks with EXT4_IOC_MOVE_EXT\")), and bb_free is\nincremented twice. Hence when trim is executed, a zero-division bug is\ntriggered in mb_update_avg_fragment_size() because bb_free is not zero\nand bb_fragments is zero.\n\nTherefore, update move_len after each extent move to avoid the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26704",
"url": "https://www.suse.com/security/cve/CVE-2024-26704"
},
{
"category": "external",
"summary": "SUSE Bug 1222422 for CVE-2024-26704",
"url": "https://bugzilla.suse.com/1222422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26704"
},
{
"cve": "CVE-2024-26733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: Prevent overflow in arp_req_get().\n\nsyzkaller reported an overflown write in arp_req_get(). [0]\n\nWhen ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour\nentry and copies neigh-\u003eha to struct arpreq.arp_ha.sa_data.\n\nThe arp_ha here is struct sockaddr, not struct sockaddr_storage, so\nthe sa_data buffer is just 14 bytes.\n\nIn the splat below, 2 bytes are overflown to the next int field,\narp_flags. We initialise the field just after the memcpy(), so it\u0027s\nnot a problem.\n\nHowever, when dev-\u003eaddr_len is greater than 22 (e.g. MAX_ADDR_LEN),\narp_netmask is overwritten, which could be set as htonl(0xFFFFFFFFUL)\nin arp_ioctl() before calling arp_req_get().\n\nTo avoid the overflow, let\u0027s limit the max length of memcpy().\n\nNote that commit b5f0de6df6dc (\"net: dev: Convert sa_data to flexible\narray in struct sockaddr\") just silenced syzkaller.\n\n[0]:\nmemcpy: detected field-spanning write (size 16) of single field \"r-\u003earp_ha.sa_data\" at net/ipv4/arp.c:1128 (size 14)\nWARNING: CPU: 0 PID: 144638 at net/ipv4/arp.c:1128 arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nModules linked in:\nCPU: 0 PID: 144638 Comm: syz-executor.4 Not tainted 6.1.74 #31\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014\nRIP: 0010:arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nCode: fd ff ff e8 41 42 de fb b9 0e 00 00 00 4c 89 fe 48 c7 c2 20 6d ab 87 48 c7 c7 80 6d ab 87 c6 05 25 af 72 04 01 e8 5f 8d ad fb \u003c0f\u003e 0b e9 6c fd ff ff e8 13 42 de fb be 03 00 00 00 4c 89 e7 e8 a6\nRSP: 0018:ffffc900050b7998 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88803a815000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff8641a44a RDI: 0000000000000001\nRBP: ffffc900050b7a98 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 203a7970636d656d R12: ffff888039c54000\nR13: 1ffff92000a16f37 R14: ffff88803a815084 R15: 0000000000000010\nFS: 00007f172bf306c0(0000) GS:ffff88805aa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f172b3569f0 CR3: 0000000057f12005 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n arp_ioctl+0x33f/0x4b0 net/ipv4/arp.c:1261\n inet_ioctl+0x314/0x3a0 net/ipv4/af_inet.c:981\n sock_do_ioctl+0xdf/0x260 net/socket.c:1204\n sock_ioctl+0x3ef/0x650 net/socket.c:1321\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18e/0x220 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x64/0xce\nRIP: 0033:0x7f172b262b8d\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f172bf300b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f172b3abf80 RCX: 00007f172b262b8d\nRDX: 0000000020000000 RSI: 0000000000008954 RDI: 0000000000000003\nRBP: 00007f172b2d3493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007f172b3abf80 R15: 00007f172bf10000\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26733",
"url": "https://www.suse.com/security/cve/CVE-2024-26733"
},
{
"category": "external",
"summary": "SUSE Bug 1222585 for CVE-2024-26733",
"url": "https://bugzilla.suse.com/1222585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26733"
},
{
"cve": "CVE-2024-26739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don\u0027t override retval if we already lost the skb\n\nIf we\u0027re redirecting the skb, and haven\u0027t called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26739",
"url": "https://www.suse.com/security/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "SUSE Bug 1222559 for CVE-2024-26739",
"url": "https://bugzilla.suse.com/1222559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/qedr: Fix qedr_create_user_qp error flow\n\nAvoid the following warning by making sure to free the allocated\nresources in case that qedr_init_user_queue() fail.\n\n-----------[ cut here ]-----------\nWARNING: CPU: 0 PID: 143192 at drivers/infiniband/core/rdma_core.c:874 uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nModules linked in: tls target_core_user uio target_core_pscsi target_core_file target_core_iblock ib_srpt ib_srp scsi_transport_srp nfsd nfs_acl rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs 8021q garp mrp stp llc ext4 mbcache jbd2 opa_vnic ib_umad ib_ipoib sunrpc rdma_ucm ib_isert iscsi_target_mod target_core_mod ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm hfi1 intel_rapl_msr intel_rapl_common mgag200 qedr sb_edac drm_shmem_helper rdmavt x86_pkg_temp_thermal drm_kms_helper intel_powerclamp ib_uverbs coretemp i2c_algo_bit kvm_intel dell_wmi_descriptor ipmi_ssif sparse_keymap kvm ib_core rfkill syscopyarea sysfillrect video sysimgblt irqbypass ipmi_si ipmi_devintf fb_sys_fops rapl iTCO_wdt mxm_wmi iTCO_vendor_support intel_cstate pcspkr dcdbas intel_uncore ipmi_msghandler lpc_ich acpi_power_meter mei_me mei fuse drm xfs libcrc32c qede sd_mod ahci libahci t10_pi sg crct10dif_pclmul crc32_pclmul crc32c_intel qed libata tg3\nghash_clmulni_intel megaraid_sas crc8 wmi [last unloaded: ib_srpt]\nCPU: 0 PID: 143192 Comm: fi_rdm_tagged_p Kdump: loaded Not tainted 5.14.0-408.el9.x86_64 #1\nHardware name: Dell Inc. PowerEdge R430/03XKDV, BIOS 2.14.0 01/25/2022\nRIP: 0010:uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nCode: 5d 41 5c 41 5d 41 5e e9 0f 26 1b dd 48 89 df e8 67 6a ff ff 49 8b 86 10 01 00 00 48 85 c0 74 9c 4c 89 e7 e8 83 c0 cb dd eb 92 \u003c0f\u003e 0b eb be 0f 0b be 04 00 00 00 48 89 df e8 8e f5 ff ff e9 6d ff\nRSP: 0018:ffffb7c6cadfbc60 EFLAGS: 00010286\nRAX: ffff8f0889ee3f60 RBX: ffff8f088c1a5200 RCX: 00000000802a0016\nRDX: 00000000802a0017 RSI: 0000000000000001 RDI: ffff8f0880042600\nRBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\nR10: ffff8f11fffd5000 R11: 0000000000039000 R12: ffff8f0d5b36cd80\nR13: ffff8f088c1a5250 R14: ffff8f1206d91000 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff8f11d7c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000147069200e20 CR3: 00000001c7210002 CR4: 00000000001706f0\nCall Trace:\n\u003cTASK\u003e\n? show_trace_log_lvl+0x1c4/0x2df\n? show_trace_log_lvl+0x1c4/0x2df\n? ib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? __warn+0x81/0x110\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? report_bug+0x10a/0x140\n? handle_bug+0x3c/0x70\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n__fput+0x94/0x250\ntask_work_run+0x5c/0x90\ndo_exit+0x270/0x4a0\ndo_group_exit+0x2d/0x90\nget_signal+0x87c/0x8c0\narch_do_signal_or_restart+0x25/0x100\n? ib_uverbs_ioctl+0xc2/0x110 [ib_uverbs]\nexit_to_user_mode_loop+0x9c/0x130\nexit_to_user_mode_prepare+0xb6/0x100\nsyscall_exit_to_user_mode+0x12/0x40\ndo_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\n? common_interrupt+0x43/0xa0\nentry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x1470abe3ec6b\nCode: Unable to access opcode bytes at RIP 0x1470abe3ec41.\nRSP: 002b:00007fff13ce9108 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: fffffffffffffffc RBX: 00007fff13ce9218 RCX: 00001470abe3ec6b\nRDX: 00007fff13ce9200 RSI: 00000000c0181b01 RDI: 0000000000000004\nRBP: 00007fff13ce91e0 R08: 0000558d9655da10 R09: 0000558d9655dd00\nR10: 00007fff13ce95c0 R11: 0000000000000246 R12: 00007fff13ce9358\nR13: 0000000000000013 R14: 0000558d9655db50 R15: 00007fff13ce9470\n\u003c/TASK\u003e\n--[ end trace 888a9b92e04c5c97 ]--",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26743",
"url": "https://www.suse.com/security/cve/CVE-2024-26743"
},
{
"category": "external",
"summary": "SUSE Bug 1222677 for CVE-2024-26743",
"url": "https://bugzilla.suse.com/1222677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26743"
},
{
"cve": "CVE-2024-26744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srpt: Support specifying the srpt_service_guid parameter\n\nMake loading ib_srpt with this parameter set work. The current behavior is\nthat setting that parameter while loading the ib_srpt kernel module\ntriggers the following kernel crash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCall Trace:\n \u003cTASK\u003e\n parse_one+0x18c/0x1d0\n parse_args+0xe1/0x230\n load_module+0x8de/0xa60\n init_module_from_file+0x8b/0xd0\n idempotent_init_module+0x181/0x240\n __x64_sys_finit_module+0x5a/0xb0\n do_syscall_64+0x5f/0xe0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26744",
"url": "https://www.suse.com/security/cve/CVE-2024-26744"
},
{
"category": "external",
"summary": "SUSE Bug 1222449 for CVE-2024-26744",
"url": "https://bugzilla.suse.com/1222449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26744"
},
{
"cve": "CVE-2024-26747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: roles: fix NULL pointer issue when put module\u0027s reference\n\nIn current design, usb role class driver will get usb_role_switch parent\u0027s\nmodule reference after the user get usb_role_switch device and put the\nreference after the user put the usb_role_switch device. However, the\nparent device of usb_role_switch may be removed before the user put the\nusb_role_switch. If so, then, NULL pointer issue will be met when the user\nput the parent module\u0027s reference.\n\nThis will save the module pointer in structure of usb_role_switch. Then,\nwe don\u0027t need to find module by iterating long relations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26747",
"url": "https://www.suse.com/security/cve/CVE-2024-26747"
},
{
"category": "external",
"summary": "SUSE Bug 1222609 for CVE-2024-26747",
"url": "https://bugzilla.suse.com/1222609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26747"
},
{
"cve": "CVE-2024-26754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()\n\nThe gtp_net_ops pernet operations structure for the subsystem must be\nregistered before registering the generic netlink family.\n\nSyzkaller hit \u0027general protection fault in gtp_genl_dump_pdp\u0027 bug:\n\ngeneral protection fault, probably for non-canonical address\n0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\nCPU: 1 PID: 5826 Comm: gtp Not tainted 6.8.0-rc3-std-def-alt1 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\nRIP: 0010:gtp_genl_dump_pdp+0x1be/0x800 [gtp]\nCode: c6 89 c6 e8 64 e9 86 df 58 45 85 f6 0f 85 4e 04 00 00 e8 c5 ee 86\n df 48 8b 54 24 18 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e\n 3c 02 00 0f 85 de 05 00 00 48 8b 44 24 18 4c 8b 30 4c 39 f0 74\nRSP: 0018:ffff888014107220 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff88800fcda588 R14: 0000000000000001 R15: 0000000000000000\nFS: 00007f1be4eb05c0(0000) GS:ffff88806ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1be4e766cf CR3: 000000000c33e000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? show_regs+0x90/0xa0\n ? die_addr+0x50/0xd0\n ? exc_general_protection+0x148/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? gtp_genl_dump_pdp+0x1be/0x800 [gtp]\n ? __alloc_skb+0x1dd/0x350\n ? __pfx___alloc_skb+0x10/0x10\n genl_dumpit+0x11d/0x230\n netlink_dump+0x5b9/0xce0\n ? lockdep_hardirqs_on_prepare+0x253/0x430\n ? __pfx_netlink_dump+0x10/0x10\n ? kasan_save_track+0x10/0x40\n ? __kasan_kmalloc+0x9b/0xa0\n ? genl_start+0x675/0x970\n __netlink_dump_start+0x6fc/0x9f0\n genl_family_rcv_msg_dumpit+0x1bb/0x2d0\n ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10\n ? genl_op_from_small+0x2a/0x440\n ? cap_capable+0x1d0/0x240\n ? __pfx_genl_start+0x10/0x10\n ? __pfx_genl_dumpit+0x10/0x10\n ? __pfx_genl_done+0x10/0x10\n ? security_capable+0x9d/0xe0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26754",
"url": "https://www.suse.com/security/cve/CVE-2024-26754"
},
{
"category": "external",
"summary": "SUSE Bug 1222632 for CVE-2024-26754",
"url": "https://bugzilla.suse.com/1222632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26754"
},
{
"cve": "CVE-2024-26763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-crypt: don\u0027t modify the data when using authenticated encryption\n\nIt was said that authenticated encryption could produce invalid tag when\nthe data that is being encrypted is modified [1]. So, fix this problem by\ncopying the data into the clone bio first and then encrypt them inside the\nclone bio.\n\nThis may reduce performance, but it is needed to prevent the user from\ncorrupting the device by writing data with O_DIRECT and modifying them at\nthe same time.\n\n[1] https://lore.kernel.org/all/20240207004723.GA35324@sol.localdomain/T/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26763",
"url": "https://www.suse.com/security/cve/CVE-2024-26763"
},
{
"category": "external",
"summary": "SUSE Bug 1222720 for CVE-2024-26763",
"url": "https://bugzilla.suse.com/1222720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26763"
},
{
"cve": "CVE-2024-26771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: edma: Add some null pointer checks to the edma_probe\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26771",
"url": "https://www.suse.com/security/cve/CVE-2024-26771"
},
{
"category": "external",
"summary": "SUSE Bug 1222610 for CVE-2024-26771",
"url": "https://bugzilla.suse.com/1222610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26771"
},
{
"cve": "CVE-2024-26772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26772",
"url": "https://www.suse.com/security/cve/CVE-2024-26772"
},
{
"category": "external",
"summary": "SUSE Bug 1222613 for CVE-2024-26772",
"url": "https://bugzilla.suse.com/1222613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26772"
},
{
"cve": "CVE-2024-26773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()\n\nDetermine if the group block bitmap is corrupted before using ac_b_ex in\next4_mb_try_best_found() to avoid allocating blocks from a group with a\ncorrupted block bitmap in the following concurrency and making the\nsituation worse.\n\next4_mb_regular_allocator\n ext4_lock_group(sb, group)\n ext4_mb_good_group\n // check if the group bbitmap is corrupted\n ext4_mb_complex_scan_group\n // Scan group gets ac_b_ex but doesn\u0027t use it\n ext4_unlock_group(sb, group)\n ext4_mark_group_bitmap_corrupted(group)\n // The block bitmap was corrupted during\n // the group unlock gap.\n ext4_mb_try_best_found\n ext4_lock_group(ac-\u003eac_sb, group)\n ext4_mb_use_best_found\n mb_mark_used\n // Allocating blocks in block bitmap corrupted group",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26773",
"url": "https://www.suse.com/security/cve/CVE-2024-26773"
},
{
"category": "external",
"summary": "SUSE Bug 1222618 for CVE-2024-26773",
"url": "https://bugzilla.suse.com/1222618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26773"
},
{
"cve": "CVE-2024-26777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: sis: Error out if pixclock equals zero\n\nThe userspace program could pass any values to the driver through\nioctl() interface. If the driver doesn\u0027t check the value of pixclock,\nit may cause divide-by-zero error.\n\nIn sisfb_check_var(), var-\u003epixclock is used as a divisor to caculate\ndrate before it is checked against zero. Fix this by checking it\nat the beginning.\n\nThis is similar to CVE-2022-3061 in i740fb which was fixed by\ncommit 15cf0b8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26777",
"url": "https://www.suse.com/security/cve/CVE-2024-26777"
},
{
"category": "external",
"summary": "SUSE Bug 1222765 for CVE-2024-26777",
"url": "https://bugzilla.suse.com/1222765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26777"
},
{
"cve": "CVE-2024-26778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26778"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: savage: Error out if pixclock equals zero\n\nThe userspace program could pass any values to the driver through\nioctl() interface. If the driver doesn\u0027t check the value of pixclock,\nit may cause divide-by-zero error.\n\nAlthough pixclock is checked in savagefb_decode_var(), but it is not\nchecked properly in savagefb_probe(). Fix this by checking whether\npixclock is zero in the function savagefb_check_var() before\ninfo-\u003evar.pixclock is used as the divisor.\n\nThis is similar to CVE-2022-3061 in i740fb which was fixed by\ncommit 15cf0b8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26778",
"url": "https://www.suse.com/security/cve/CVE-2024-26778"
},
{
"category": "external",
"summary": "SUSE Bug 1222770 for CVE-2024-26778",
"url": "https://bugzilla.suse.com/1222770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26778"
},
{
"cve": "CVE-2024-26779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix race condition on enabling fast-xmit\n\nfast-xmit must only be enabled after the sta has been uploaded to the driver,\notherwise it could end up passing the not-yet-uploaded sta via drv_tx calls\nto the driver, leading to potential crashes because of uninitialized drv_priv\ndata.\nAdd a missing sta-\u003euploaded check and re-check fast xmit after inserting a sta.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26779",
"url": "https://www.suse.com/security/cve/CVE-2024-26779"
},
{
"category": "external",
"summary": "SUSE Bug 1222772 for CVE-2024-26779",
"url": "https://bugzilla.suse.com/1222772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26779"
},
{
"cve": "CVE-2024-26793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()\n\nThe gtp_link_ops operations structure for the subsystem must be\nregistered after registering the gtp_net_ops pernet operations structure.\n\nSyzkaller hit \u0027general protection fault in gtp_genl_dump_pdp\u0027 bug:\n\n[ 1010.702740] gtp: GTP module unloaded\n[ 1010.715877] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI\n[ 1010.715888] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n[ 1010.715895] CPU: 1 PID: 128616 Comm: a.out Not tainted 6.8.0-rc6-std-def-alt1 #1\n[ 1010.715899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\n[ 1010.715908] RIP: 0010:gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.715915] Code: 80 3c 02 00 0f 85 41 04 00 00 48 8b bb d8 05 00 00 e8 ed f6 ff ff 48 89 c2 48 89 c5 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4f 04 00 00 4c 89 e2 4c 8b 6d 00 48 b8 00 00 00\n[ 1010.715920] RSP: 0018:ffff888020fbf180 EFLAGS: 00010203\n[ 1010.715929] RAX: dffffc0000000000 RBX: ffff88800399c000 RCX: 0000000000000000\n[ 1010.715933] RDX: 0000000000000001 RSI: ffffffff84805280 RDI: 0000000000000282\n[ 1010.715938] RBP: 000000000000000d R08: 0000000000000001 R09: 0000000000000000\n[ 1010.715942] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800399cc80\n[ 1010.715947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000400\n[ 1010.715953] FS: 00007fd1509ab5c0(0000) GS:ffff88805b300000(0000) knlGS:0000000000000000\n[ 1010.715958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1010.715962] CR2: 0000000000000000 CR3: 000000001c07a000 CR4: 0000000000750ee0\n[ 1010.715968] PKRU: 55555554\n[ 1010.715972] Call Trace:\n[ 1010.715985] ? __die_body.cold+0x1a/0x1f\n[ 1010.715995] ? die_addr+0x43/0x70\n[ 1010.716002] ? exc_general_protection+0x199/0x2f0\n[ 1010.716016] ? asm_exc_general_protection+0x1e/0x30\n[ 1010.716026] ? gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.716034] ? gtp_net_exit+0x150/0x150 [gtp]\n[ 1010.716042] __rtnl_newlink+0x1063/0x1700\n[ 1010.716051] ? rtnl_setlink+0x3c0/0x3c0\n[ 1010.716063] ? is_bpf_text_address+0xc0/0x1f0\n[ 1010.716070] ? kernel_text_address.part.0+0xbb/0xd0\n[ 1010.716076] ? __kernel_text_address+0x56/0xa0\n[ 1010.716084] ? unwind_get_return_address+0x5a/0xa0\n[ 1010.716091] ? create_prof_cpu_mask+0x30/0x30\n[ 1010.716098] ? arch_stack_walk+0x9e/0xf0\n[ 1010.716106] ? stack_trace_save+0x91/0xd0\n[ 1010.716113] ? stack_trace_consume_entry+0x170/0x170\n[ 1010.716121] ? __lock_acquire+0x15c5/0x5380\n[ 1010.716139] ? mark_held_locks+0x9e/0xe0\n[ 1010.716148] ? kmem_cache_alloc_trace+0x35f/0x3c0\n[ 1010.716155] ? __rtnl_newlink+0x1700/0x1700\n[ 1010.716160] rtnl_newlink+0x69/0xa0\n[ 1010.716166] rtnetlink_rcv_msg+0x43b/0xc50\n[ 1010.716172] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716179] ? lock_acquire+0x1fe/0x560\n[ 1010.716188] ? netlink_deliver_tap+0x12f/0xd50\n[ 1010.716196] netlink_rcv_skb+0x14d/0x440\n[ 1010.716202] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716208] ? netlink_ack+0xab0/0xab0\n[ 1010.716213] ? netlink_deliver_tap+0x202/0xd50\n[ 1010.716220] ? netlink_deliver_tap+0x218/0xd50\n[ 1010.716226] ? __virt_addr_valid+0x30b/0x590\n[ 1010.716233] netlink_unicast+0x54b/0x800\n[ 1010.716240] ? netlink_attachskb+0x870/0x870\n[ 1010.716248] ? __check_object_size+0x2de/0x3b0\n[ 1010.716254] netlink_sendmsg+0x938/0xe40\n[ 1010.716261] ? netlink_unicast+0x800/0x800\n[ 1010.716269] ? __import_iovec+0x292/0x510\n[ 1010.716276] ? netlink_unicast+0x800/0x800\n[ 1010.716284] __sock_sendmsg+0x159/0x190\n[ 1010.716290] ____sys_sendmsg+0x712/0x880\n[ 1010.716297] ? sock_write_iter+0x3d0/0x3d0\n[ 1010.716304] ? __ia32_sys_recvmmsg+0x270/0x270\n[ 1010.716309] ? lock_acquire+0x1fe/0x560\n[ 1010.716315] ? drain_array_locked+0x90/0x90\n[ 1010.716324] ___sys_sendmsg+0xf8/0x170\n[ 1010.716331] ? sendmsg_copy_msghdr+0x170/0x170\n[ 1010.716337] ? lockdep_init_map\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26793",
"url": "https://www.suse.com/security/cve/CVE-2024-26793"
},
{
"category": "external",
"summary": "SUSE Bug 1222428 for CVE-2024-26793",
"url": "https://bugzilla.suse.com/1222428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26793"
},
{
"cve": "CVE-2024-26805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Fix kernel-infoleak-after-free in __skb_datagram_iter\n\nsyzbot reported the following uninit-value access issue [1]:\n\nnetlink_to_full_skb() creates a new `skb` and puts the `skb-\u003edata`\npassed as a 1st arg of netlink_to_full_skb() onto new `skb`. The data\nsize is specified as `len` and passed to skb_put_data(). This `len`\nis based on `skb-\u003eend` that is not data offset but buffer offset. The\n`skb-\u003eend` contains data and tailroom. Since the tailroom is not\ninitialized when the new `skb` created, KMSAN detects uninitialized\nmemory area when copying the data.\n\nThis patch resolved this issue by correct the len from `skb-\u003eend` to\n`skb-\u003elen`, which is the actual data offset.\n\nBUG: KMSAN: kernel-infoleak-after-free in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in copy_to_user_iter lib/iov_iter.c:24 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_ubuf include/linux/iov_iter.h:29 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance include/linux/iov_iter.h:271 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n copy_to_iter include/linux/uio.h:197 [inline]\n simple_copy_to_iter+0x68/0xa0 net/core/datagram.c:532\n __skb_datagram_iter+0x123/0xdc0 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:3960 [inline]\n packet_recvmsg+0xd9c/0x2000 net/packet/af_packet.c:3482\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg net/socket.c:1066 [inline]\n sock_read_iter+0x467/0x580 net/socket.c:1136\n call_read_iter include/linux/fs.h:2014 [inline]\n new_sync_read fs/read_write.c:389 [inline]\n vfs_read+0x8f6/0xe00 fs/read_write.c:470\n ksys_read+0x20f/0x4c0 fs/read_write.c:613\n __do_sys_read fs/read_write.c:623 [inline]\n __se_sys_read fs/read_write.c:621 [inline]\n __x64_sys_read+0x93/0xd0 fs/read_write.c:621\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was stored to memory at:\n skb_put_data include/linux/skbuff.h:2622 [inline]\n netlink_to_full_skb net/netlink/af_netlink.c:181 [inline]\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:298 [inline]\n __netlink_deliver_tap+0x5be/0xc90 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338 [inline]\n netlink_deliver_tap_kernel net/netlink/af_netlink.c:347 [inline]\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x10f1/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1087 [inline]\n free_unref_page_prepare+0xb0/0xa40 mm/page_alloc.c:2347\n free_unref_page_list+0xeb/0x1100 mm/page_alloc.c:2533\n release_pages+0x23d3/0x2410 mm/swap.c:1042\n free_pages_and_swap_cache+0xd9/0xf0 mm/swap_state.c:316\n tlb_batch_pages\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26805",
"url": "https://www.suse.com/security/cve/CVE-2024-26805"
},
{
"category": "external",
"summary": "SUSE Bug 1222630 for CVE-2024-26805",
"url": "https://bugzilla.suse.com/1222630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26805"
},
{
"cve": "CVE-2024-26816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26816",
"url": "https://www.suse.com/security/cve/CVE-2024-26816"
},
{
"category": "external",
"summary": "SUSE Bug 1222624 for CVE-2024-26816",
"url": "https://bugzilla.suse.com/1222624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26816"
},
{
"cve": "CVE-2024-26817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: use calloc instead of kzalloc to avoid integer overflow\n\nThis uses calloc instead of doing the multiplication which might\noverflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26817",
"url": "https://www.suse.com/security/cve/CVE-2024-26817"
},
{
"category": "external",
"summary": "SUSE Bug 1222812 for CVE-2024-26817",
"url": "https://bugzilla.suse.com/1222812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26817"
},
{
"cve": "CVE-2024-26839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix a memleak in init_credit_return\n\nWhen dma_alloc_coherent fails to allocate dd-\u003ecr_base[i].va,\ninit_credit_return should deallocate dd-\u003ecr_base and\ndd-\u003ecr_base[i] that allocated before. Or those resources\nwould be never freed and a memleak is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26839",
"url": "https://www.suse.com/security/cve/CVE-2024-26839"
},
{
"category": "external",
"summary": "SUSE Bug 1222975 for CVE-2024-26839",
"url": "https://bugzilla.suse.com/1222975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "low"
}
],
"title": "CVE-2024-26839"
},
{
"cve": "CVE-2024-26840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [\u003cffffffff8eb8a1a5\u003e] kmem_cache_alloc+0x2d5/0x370\n [\u003cffffffff8e917f86\u003e] prepare_creds+0x26/0x2e0\n [\u003cffffffffc002eeef\u003e] cachefiles_determine_cache_security+0x1f/0x120\n [\u003cffffffffc00243ec\u003e] cachefiles_add_cache+0x13c/0x3a0\n [\u003cffffffffc0025216\u003e] cachefiles_daemon_write+0x146/0x1c0\n [\u003cffffffff8ebc4a3b\u003e] vfs_write+0xcb/0x520\n [\u003cffffffff8ebc5069\u003e] ksys_write+0x69/0xf0\n [\u003cffffffff8f6d4662\u003e] do_syscall_64+0x72/0x140\n [\u003cffffffff8f8000aa\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26840",
"url": "https://www.suse.com/security/cve/CVE-2024-26840"
},
{
"category": "external",
"summary": "SUSE Bug 1222976 for CVE-2024-26840",
"url": "https://bugzilla.suse.com/1222976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "low"
}
],
"title": "CVE-2024-26840"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()\n\nThe function ice_bridge_setlink() may encounter a NULL pointer dereference\nif nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently\nin nla_for_each_nested(). To address this issue, add a check to ensure that\nbr_spec is not NULL before proceeding with the nested attribute iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26855",
"url": "https://www.suse.com/security/cve/CVE-2024-26855"
},
{
"category": "external",
"summary": "SUSE Bug 1223051 for CVE-2024-26855",
"url": "https://bugzilla.suse.com/1223051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26855"
},
{
"cve": "CVE-2024-26857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: make sure to pull inner header in geneve_rx()\n\nsyzbot triggered a bug in geneve_rx() [1]\n\nIssue is similar to the one I fixed in commit 8d975c15c0cd\n(\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\n[1]\nBUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in geneve_rx drivers/net/geneve.c:279 [inline]\n BUG: KMSAN: uninit-value in geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n geneve_rx drivers/net/geneve.c:279 [inline]\n geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n udp_queue_rcv_one_skb+0x1d39/0x1f20 net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x6ae/0x6e0 net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x184/0x4b0 net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x1c6b/0x3010 net/ipv4/udp.c:2422\n udp_rcv+0x7d/0xa0 net/ipv4/udp.c:2604\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n process_backlog+0x480/0x8b0 net/core/dev.c:5976\n __napi_poll+0xe3/0x980 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x8b8/0x1870 net/core/dev.c:6778\n __do_softirq+0x1b7/0x7c5 kernel/softirq.c:553\n do_softirq+0x9a/0xf0 kernel/softirq.c:454\n __local_bh_enable_ip+0x9b/0xa0 kernel/softirq.c:381\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:820 [inline]\n __dev_queue_xmit+0x2768/0x51c0 net/core/dev.c:4378\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x5cb/0xbc0 mm/slub.c:3903\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x352/0x790 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1296 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6394\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2783\n packet_alloc_skb net/packet/af_packet.c:2930 [inline]\n packet_snd net/packet/af_packet.c:3024 [inline]\n packet_sendmsg+0x70c2/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26857",
"url": "https://www.suse.com/security/cve/CVE-2024-26857"
},
{
"category": "external",
"summary": "SUSE Bug 1223058 for CVE-2024-26857",
"url": "https://bugzilla.suse.com/1223058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26857"
},
{
"cve": "CVE-2024-26859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/bnx2x: Prevent access to a freed page in page_pool\n\nFix race condition leading to system crash during EEH error handling\n\nDuring EEH error recovery, the bnx2x driver\u0027s transmit timeout logic\ncould cause a race condition when handling reset tasks. The\nbnx2x_tx_timeout() schedules reset tasks via bnx2x_sp_rtnl_task(),\nwhich ultimately leads to bnx2x_nic_unload(). In bnx2x_nic_unload()\nSGEs are freed using bnx2x_free_rx_sge_range(). However, this could\noverlap with the EEH driver\u0027s attempt to reset the device using\nbnx2x_io_slot_reset(), which also tries to free SGEs. This race\ncondition can result in system crashes due to accessing freed memory\nlocations in bnx2x_free_rx_sge()\n\n799 static inline void bnx2x_free_rx_sge(struct bnx2x *bp,\n800\t\t\t\tstruct bnx2x_fastpath *fp, u16 index)\n801 {\n802\tstruct sw_rx_page *sw_buf = \u0026fp-\u003erx_page_ring[index];\n803 struct page *page = sw_buf-\u003epage;\n....\nwhere sw_buf was set to NULL after the call to dma_unmap_page()\nby the preceding thread.\n\n EEH: Beginning: \u0027slot_reset\u0027\n PCI 0011:01:00.0#10000: EEH: Invoking bnx2x-\u003eslot_reset()\n bnx2x: [bnx2x_io_slot_reset:14228(eth1)]IO slot reset initializing...\n bnx2x 0011:01:00.0: enabling device (0140 -\u003e 0142)\n bnx2x: [bnx2x_io_slot_reset:14244(eth1)]IO slot reset --\u003e driver unload\n Kernel attempted to read user page (0) - exploit attempt? (uid: 0)\n BUG: Kernel NULL pointer dereference on read at 0x00000000\n Faulting instruction address: 0xc0080000025065fc\n Oops: Kernel access of bad area, sig: 11 [#1]\n .....\n Call Trace:\n [c000000003c67a20] [c00800000250658c] bnx2x_io_slot_reset+0x204/0x610 [bnx2x] (unreliable)\n [c000000003c67af0] [c0000000000518a8] eeh_report_reset+0xb8/0xf0\n [c000000003c67b60] [c000000000052130] eeh_pe_report+0x180/0x550\n [c000000003c67c70] [c00000000005318c] eeh_handle_normal_event+0x84c/0xa60\n [c000000003c67d50] [c000000000053a84] eeh_event_handler+0xf4/0x170\n [c000000003c67da0] [c000000000194c58] kthread+0x1c8/0x1d0\n [c000000003c67e10] [c00000000000cf64] ret_from_kernel_thread+0x5c/0x64\n\nTo solve this issue, we need to verify page pool allocations before\nfreeing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26859",
"url": "https://www.suse.com/security/cve/CVE-2024-26859"
},
{
"category": "external",
"summary": "SUSE Bug 1223049 for CVE-2024-26859",
"url": "https://bugzilla.suse.com/1223049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26859"
},
{
"cve": "CVE-2024-26878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t drop_dquot_ref\n\t\t\t\t\t remove_dquot_ref\n\t\t\t\t\t dquots = i_dquot(inode)\n dquots = i_dquot(inode)\n srcu_read_lock\n dquots[cnt]) != NULL (1)\n\t\t\t\t\t dquots[type] = NULL (2)\n spin_lock(\u0026dquots[cnt]-\u003edq_dqb_lock) (3)\n ....\n\nIf dquot_free_inode(or other routines) checks inode\u0027s quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let\u0027s fix it by using a temporary pointer to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26878",
"url": "https://www.suse.com/security/cve/CVE-2024-26878"
},
{
"category": "external",
"summary": "SUSE Bug 1223060 for CVE-2024-26878",
"url": "https://bugzilla.suse.com/1223060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26878"
},
{
"cve": "CVE-2024-26883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stackmap overflow check on 32-bit arches\n\nThe stackmap code relies on roundup_pow_of_two() to compute the number\nof hash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code.\n\nThe commit in the fixes tag actually attempted to fix this, but the fix\ndid not account for the UB, so the fix only works on CPUs where an\noverflow does result in a neat truncation to zero, which is not\nguaranteed. Checking the value before rounding does not have this\nproblem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26883",
"url": "https://www.suse.com/security/cve/CVE-2024-26883"
},
{
"category": "external",
"summary": "SUSE Bug 1223035 for CVE-2024-26883",
"url": "https://bugzilla.suse.com/1223035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26883"
},
{
"cve": "CVE-2024-26884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix hashtab overflow check on 32-bit arches\n\nThe hashtab code relies on roundup_pow_of_two() to compute the number of\nhash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code. So apply the same\nfix to hashtab, by moving the overflow check to before the roundup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26884",
"url": "https://www.suse.com/security/cve/CVE-2024-26884"
},
{
"category": "external",
"summary": "SUSE Bug 1223189 for CVE-2024-26884",
"url": "https://bugzilla.suse.com/1223189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26884"
},
{
"cve": "CVE-2024-26898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\n\nThis patch is against CVE-2023-6270. The description of cve is:\n\n A flaw was found in the ATA over Ethernet (AoE) driver in the Linux\n kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on\n `struct net_device`, and a use-after-free can be triggered by racing\n between the free on the struct and the access through the `skbtxq`\n global queue. This could lead to a denial of service condition or\n potential code execution.\n\nIn aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial\ncode is finished. But the net_device ifp will still be used in\nlater tx()-\u003edev_queue_xmit() in kthread. Which means that the\ndev_put(ifp) should NOT be called in the success path of skb\ninitial code in aoecmd_cfg_pkts(). Otherwise tx() may run into\nuse-after-free because the net_device is freed.\n\nThis patch removed the dev_put(ifp) in the success path in\naoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26898",
"url": "https://www.suse.com/security/cve/CVE-2024-26898"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1223017 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-26901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak\n\nsyzbot identified a kernel information leak vulnerability in\ndo_sys_name_to_handle() and issued the following report [1].\n\n[1]\n\"BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n do_sys_name_to_handle fs/fhandle.c:73 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n __do_kmalloc_node mm/slab_common.c:1006 [inline]\n __kmalloc+0x121/0x3c0 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n do_sys_name_to_handle fs/fhandle.c:39 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nBytes 18-19 of 20 are uninitialized\nMemory access of size 20 starts at ffff888128a46380\nData copied to user address 0000000020000240\"\n\nPer Chuck Lever\u0027s suggestion, use kzalloc() instead of kmalloc() to\nsolve the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26901",
"url": "https://www.suse.com/security/cve/CVE-2024-26901"
},
{
"category": "external",
"summary": "SUSE Bug 1223198 for CVE-2024-26901",
"url": "https://bugzilla.suse.com/1223198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26901"
},
{
"cve": "CVE-2024-26903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security\n\nDuring our fuzz testing of the connection and disconnection process at the\nRFCOMM layer, we discovered this bug. By comparing the packets from a\nnormal connection and disconnection process with the testcase that\ntriggered a KASAN report. We analyzed the cause of this bug as follows:\n\n1. In the packets captured during a normal connection, the host sends a\n`Read Encryption Key Size` type of `HCI_CMD` packet\n(Command Opcode: 0x1408) to the controller to inquire the length of\nencryption key.After receiving this packet, the controller immediately\nreplies with a Command Completepacket (Event Code: 0x0e) to return the\nEncryption Key Size.\n\n2. In our fuzz test case, the timing of the controller\u0027s response to this\npacket was delayed to an unexpected point: after the RFCOMM and L2CAP\nlayers had disconnected but before the HCI layer had disconnected.\n\n3. After receiving the Encryption Key Size Response at the time described\nin point 2, the host still called the rfcomm_check_security function.\nHowever, by this time `struct l2cap_conn *conn = l2cap_pi(sk)-\u003echan-\u003econn;`\nhad already been released, and when the function executed\n`return hci_conn_security(conn-\u003ehcon, d-\u003esec_level, auth_type, d-\u003eout);`,\nspecifically when accessing `conn-\u003ehcon`, a null-ptr-deref error occurred.\n\nTo fix this bug, check if `sk-\u003esk_state` is BT_CLOSED before calling\nrfcomm_recv_frame in rfcomm_process_rx.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26903",
"url": "https://www.suse.com/security/cve/CVE-2024-26903"
},
{
"category": "external",
"summary": "SUSE Bug 1223187 for CVE-2024-26903",
"url": "https://bugzilla.suse.com/1223187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26903"
},
{
"cve": "CVE-2024-26907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26907"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix fortify source warning while accessing Eth segment\n\n ------------[ cut here ]------------\n memcpy: detected field-spanning write (size 56) of single field \"eseg-\u003einline_hdr.start\" at /var/lib/dkms/mlnx-ofed-kernel/5.8/build/drivers/infiniband/hw/mlx5/wr.c:131 (size 2)\n WARNING: CPU: 0 PID: 293779 at /var/lib/dkms/mlnx-ofed-kernel/5.8/build/drivers/infiniband/hw/mlx5/wr.c:131 mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n Modules linked in: 8021q garp mrp stp llc rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) ib_core(OE) mlx5_core(OE) pci_hyperv_intf mlxdevm(OE) mlx_compat(OE) tls mlxfw(OE) psample nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink mst_pciconf(OE) knem(OE) vfio_pci vfio_pci_core vfio_iommu_type1 vfio iommufd irqbypass cuse nfsv3 nfs fscache netfs xfrm_user xfrm_algo ipmi_devintf ipmi_msghandler binfmt_misc crct10dif_pclmul crc32_pclmul polyval_clmulni polyval_generic ghash_clmulni_intel sha512_ssse3 snd_pcsp aesni_intel crypto_simd cryptd snd_pcm snd_timer joydev snd soundcore input_leds serio_raw evbug nfsd auth_rpcgss nfs_acl lockd grace sch_fq_codel sunrpc drm efi_pstore ip_tables x_tables autofs4 psmouse virtio_net net_failover failover floppy\n [last unloaded: mlx_compat(OE)]\n CPU: 0 PID: 293779 Comm: ssh Tainted: G OE 6.2.0-32-generic #32~22.04.1-Ubuntu\n Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\n RIP: 0010:mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n Code: 0c 01 00 a8 01 75 25 48 8b 75 a0 b9 02 00 00 00 48 c7 c2 10 5b fd c0 48 c7 c7 80 5b fd c0 c6 05 57 0c 03 00 01 e8 95 4d 93 da \u003c0f\u003e 0b 44 8b 4d b0 4c 8b 45 c8 48 8b 4d c0 e9 49 fb ff ff 41 0f b7\n RSP: 0018:ffffb5b48478b570 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffb5b48478b628 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffb5b48478b5e8\n R13: ffff963a3c609b5e R14: ffff9639c3fbd800 R15: ffffb5b480475a80\n FS: 00007fc03b444c80(0000) GS:ffff963a3dc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000556f46bdf000 CR3: 0000000006ac6003 CR4: 00000000003706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x72/0x90\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n ? __warn+0x8d/0x160\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n ? report_bug+0x1bb/0x1d0\n ? handle_bug+0x46/0x90\n ? exc_invalid_op+0x19/0x80\n ? asm_exc_invalid_op+0x1b/0x20\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n mlx5_ib_post_send_nodrain+0xb/0x20 [mlx5_ib]\n ipoib_send+0x2ec/0x770 [ib_ipoib]\n ipoib_start_xmit+0x5a0/0x770 [ib_ipoib]\n dev_hard_start_xmit+0x8e/0x1e0\n ? validate_xmit_skb_list+0x4d/0x80\n sch_direct_xmit+0x116/0x3a0\n __dev_xmit_skb+0x1fd/0x580\n __dev_queue_xmit+0x284/0x6b0\n ? _raw_spin_unlock_irq+0xe/0x50\n ? __flush_work.isra.0+0x20d/0x370\n ? push_pseudo_header+0x17/0x40 [ib_ipoib]\n neigh_connected_output+0xcd/0x110\n ip_finish_output2+0x179/0x480\n ? __smp_call_single_queue+0x61/0xa0\n __ip_finish_output+0xc3/0x190\n ip_finish_output+0x2e/0xf0\n ip_output+0x78/0x110\n ? __pfx_ip_finish_output+0x10/0x10\n ip_local_out+0x64/0x70\n __ip_queue_xmit+0x18a/0x460\n ip_queue_xmit+0x15/0x30\n __tcp_transmit_skb+0x914/0x9c0\n tcp_write_xmit+0x334/0x8d0\n tcp_push_one+0x3c/0x60\n tcp_sendmsg_locked+0x2e1/0xac0\n tcp_sendmsg+0x2d/0x50\n inet_sendmsg+0x43/0x90\n sock_sendmsg+0x68/0x80\n sock_write_iter+0x93/0x100\n vfs_write+0x326/0x3c0\n ksys_write+0xbd/0xf0\n ? do_syscall_64+0x69/0x90\n __x64_sys_write+0x19/0x30\n do_syscall_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26907",
"url": "https://www.suse.com/security/cve/CVE-2024-26907"
},
{
"category": "external",
"summary": "SUSE Bug 1223203 for CVE-2024-26907",
"url": "https://bugzilla.suse.com/1223203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26907"
},
{
"cve": "CVE-2024-26922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: validate the parameters of bo mapping operations more clearly\n\nVerify the parameters of\namdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26922",
"url": "https://www.suse.com/security/cve/CVE-2024-26922"
},
{
"category": "external",
"summary": "SUSE Bug 1223315 for CVE-2024-26922",
"url": "https://bugzilla.suse.com/1223315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26922"
},
{
"cve": "CVE-2024-26929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26929"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26929",
"url": "https://www.suse.com/security/cve/CVE-2024-26929"
},
{
"category": "external",
"summary": "SUSE Bug 1223715 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "external",
"summary": "SUSE Bug 1223716 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix command flush on cable pull\n\nSystem crash due to command failed to flush back to SCSI layer.\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 \u003c49\u003e 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200.\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0\n ? __switch_to+0x10c/0x450\n ? process_one_work+0x1a7/0x360\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201.\n ? worker_thread+0x1ce/0x390\n ? create_worker+0x1a0/0x1a0\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70\n ? kthread+0x10a/0x120\n qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8\n ? set_kthread_struct+0x40/0x40\n qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed.\n ? ret_from_fork+0x1f/0x40\n qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout\n\nThe system was under memory stress where driver was not able to allocate an\nSRB to carry out error recovery of cable pull. The failure to flush causes\nupper layer to start modifying scsi_cmnd. When the system frees up some\nmemory, the subsequent cable pull trigger another command flush. At this\npoint the driver access a null pointer when attempting to DMA unmap the\nSGL.\n\nAdd a check to make sure commands are flush back on session tear down to\nprevent the null pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26931",
"url": "https://www.suse.com/security/cve/CVE-2024-26931"
},
{
"category": "external",
"summary": "SUSE Bug 1223627 for CVE-2024-26931",
"url": "https://bugzilla.suse.com/1223627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add a dc_state NULL check in dc_state_release\n\n[How]\nCheck wheather state is NULL before releasing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26948",
"url": "https://www.suse.com/security/cve/CVE-2024-26948"
},
{
"category": "external",
"summary": "SUSE Bug 1223664 for CVE-2024-26948",
"url": "https://bugzilla.suse.com/1223664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26948"
},
{
"cve": "CVE-2024-26993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26993",
"url": "https://www.suse.com/security/cve/CVE-2024-26993"
},
{
"category": "external",
"summary": "SUSE Bug 1223693 for CVE-2024-26993",
"url": "https://bugzilla.suse.com/1223693"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-27013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: limit printing rate when illegal packet received by tun dev\n\nvhost_worker will call tun call backs to receive packets. If too many\nillegal packets arrives, tun_do_read will keep dumping packet contents.\nWhen console is enabled, it will costs much more cpu time to dump\npacket and soft lockup will be detected.\n\nnet_ratelimit mechanism can be used to limit the dumping rate.\n\nPID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: \"vhost-32980\"\n #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253\n #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3\n #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e\n #3 [fffffe00003fced0] do_nmi at ffffffff8922660d\n #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663\n [exception RIP: io_serial_in+20]\n RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002\n RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000\n RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff8af428a0\n RBP: 0000000000002710 R8: 0000000000000004 R9: 000000000000000f\n R10: 0000000000000000 R11: ffffffff8acbf64f R12: 0000000000000020\n R13: ffffffff8acbf698 R14: 0000000000000058 R15: 0000000000000000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #5 [ffffa655314979e8] io_serial_in at ffffffff89792594\n #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470\n #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6\n #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605\n #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558\n #10 [ffffa65531497ac8] console_unlock at ffffffff89316124\n #11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07\n #12 [ffffa65531497b68] printk at ffffffff89318306\n #13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765\n #14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]\n #15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]\n #16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]\n #17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]\n #18 [ffffa65531497f10] kthread at ffffffff892d2e72\n #19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27013",
"url": "https://www.suse.com/security/cve/CVE-2024-27013"
},
{
"category": "external",
"summary": "SUSE Bug 1223745 for CVE-2024-27013",
"url": "https://bugzilla.suse.com/1223745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Prevent deadlock while disabling aRFS\n\nWhen disabling aRFS under the `priv-\u003estate_lock`, any scheduled\naRFS works are canceled using the `cancel_work_sync` function,\nwhich waits for the work to end if it has already started.\nHowever, while waiting for the work handler, the handler will\ntry to acquire the `state_lock` which is already acquired.\n\nThe worker acquires the lock to delete the rules if the state\nis down, which is not the worker\u0027s responsibility since\ndisabling aRFS deletes the rules.\n\nAdd an aRFS state variable, which indicates whether the aRFS is\nenabled and prevent adding rules when the aRFS is disabled.\n\nKernel log:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.7.0-rc4_net_next_mlx5_5483eb2 #1 Tainted: G I\n------------------------------------------------------\nethtool/386089 is trying to acquire lock:\nffff88810f21ce68 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}, at: __flush_work+0x74/0x4e0\n\nbut task is already holding lock:\nffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026priv-\u003estate_lock){+.+.}-{3:3}:\n __mutex_lock+0x80/0xc90\n arfs_handle_work+0x4b/0x3b0 [mlx5_core]\n process_one_work+0x1dc/0x4a0\n worker_thread+0x1bf/0x3c0\n kthread+0xd7/0x100\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n\n-\u003e #0 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}:\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n __flush_work+0x7a/0x4e0\n __cancel_work_timer+0x131/0x1c0\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1a1/0x270\n netlink_sendmsg+0x214/0x460\n __sock_sendmsg+0x38/0x60\n __sys_sendto+0x113/0x170\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n\n *** DEADLOCK ***\n\n3 locks held by ethtool/386089:\n #0: ffffffff82ea7210 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40\n #1: ffffffff82e94c88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0xd3/0x240\n #2: ffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nstack backtrace:\nCPU: 15 PID: 386089 Comm: ethtool Tainted: G I 6.7.0-rc4_net_next_mlx5_5483eb2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x60/0xa0\n check_noncircular+0x144/0x160\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n ? __flush_work+0x74/0x4e0\n ? save_trace+0x3e/0x360\n ? __flush_work+0x74/0x4e0\n __flush_work+0x7a/0x4e0\n ? __flush_work+0x74/0x4e0\n ? __lock_acquire+0xa78/0x2c80\n ? lock_acquire+0xd0/0x2b0\n ? mark_held_locks+0x49/0x70\n __cancel_work_timer+0x131/0x1c0\n ? mark_held_locks+0x49/0x70\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n ? ethn\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27014",
"url": "https://www.suse.com/security/cve/CVE-2024-27014"
},
{
"category": "external",
"summary": "SUSE Bug 1223735 for CVE-2024-27014",
"url": "https://bugzilla.suse.com/1223735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27014"
},
{
"cve": "CVE-2024-27043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-\u003e dvb_dmxdev_init\n |-\u003e dvb_register_device\n |-\u003e dvb_dmxdev_release\n |-\u003e dvb_unregister_device\n |-\u003e dvb_remove_device\n |-\u003e dvb_device_put\n |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27043",
"url": "https://www.suse.com/security/cve/CVE-2024-27043"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223824 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "external",
"summary": "SUSE Bug 1223825 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "important"
}
],
"title": "CVE-2024-27043"
},
{
"cve": "CVE-2024-27046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27046",
"url": "https://www.suse.com/security/cve/CVE-2024-27046"
},
{
"category": "external",
"summary": "SUSE Bug 1223827 for CVE-2024-27046",
"url": "https://bugzilla.suse.com/1223827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27046"
},
{
"cve": "CVE-2024-27054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27054",
"url": "https://www.suse.com/security/cve/CVE-2024-27054"
},
{
"category": "external",
"summary": "SUSE Bug 1223819 for CVE-2024-27054",
"url": "https://bugzilla.suse.com/1223819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: usbtv: Remove useless locks in usbtv_video_free()\n\nRemove locks calls in usbtv_video_free() because\nare useless and may led to a deadlock as reported here:\nhttps://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000\nAlso remove usbtv_stop() call since it will be called when\nunregistering the device.\n\nBefore \u0027c838530d230b\u0027 this issue would only be noticed if you\ndisconnect while streaming and now it is noticeable even when\ndisconnecting while not streaming.\n\n\n[hverkuil: fix minor spelling mistake in log message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27072",
"url": "https://www.suse.com/security/cve/CVE-2024-27072"
},
{
"category": "external",
"summary": "SUSE Bug 1223837 for CVE-2024-27072",
"url": "https://bugzilla.suse.com/1223837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27072"
},
{
"cve": "CVE-2024-27073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ttpci: fix two memleaks in budget_av_attach\n\nWhen saa7146_register_device and saa7146_vv_init fails, budget_av_attach\nshould free the resources it allocates, like the error-handling of\nttpci_budget_init does. Besides, there are two fixme comment refers to\nsuch deallocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27073",
"url": "https://www.suse.com/security/cve/CVE-2024-27073"
},
{
"category": "external",
"summary": "SUSE Bug 1223843 for CVE-2024-27073",
"url": "https://bugzilla.suse.com/1223843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27073"
},
{
"cve": "CVE-2024-27074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: go7007: fix a memleak in go7007_load_encoder\n\nIn go7007_load_encoder, bounce(i.e. go-\u003eboot_fw), is allocated without\na deallocation thereafter. After the following call chain:\n\nsaa7134_go7007_init\n |-\u003e go7007_boot_encoder\n |-\u003e go7007_load_encoder\n |-\u003e kfree(go)\n\ngo is freed and thus bounce is leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27074",
"url": "https://www.suse.com/security/cve/CVE-2024-27074"
},
{
"category": "external",
"summary": "SUSE Bug 1223844 for CVE-2024-27074",
"url": "https://bugzilla.suse.com/1223844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27074"
},
{
"cve": "CVE-2024-27075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: avoid stack overflow warnings with clang\n\nA previous patch worked around a KASAN issue in stv0367, now a similar\nproblem showed up with clang:\n\ndrivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in \u0027stv0367ter_set_frontend\u0027 [-Werror,-Wframe-larger-than]\n 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe)\n\nRework the stv0367_writereg() function to be simpler and mark both\nregister access functions as noinline_for_stack so the temporary\ni2c_msg structures do not get duplicated on the stack when KASAN_STACK\nis enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27075",
"url": "https://www.suse.com/security/cve/CVE-2024-27075"
},
{
"category": "external",
"summary": "SUSE Bug 1223842 for CVE-2024-27075",
"url": "https://bugzilla.suse.com/1223842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27075"
},
{
"cve": "CVE-2024-27078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-tpg: fix some memleaks in tpg_alloc\n\nIn tpg_alloc, resources should be deallocated in each and every\nerror-handling paths, since they are allocated in for statements.\nOtherwise there would be memleaks because tpg_free is called only when\ntpg_alloc return 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27078",
"url": "https://www.suse.com/security/cve/CVE-2024-27078"
},
{
"category": "external",
"summary": "SUSE Bug 1223781 for CVE-2024-27078",
"url": "https://bugzilla.suse.com/1223781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27078"
},
{
"cve": "CVE-2024-27388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27388",
"url": "https://www.suse.com/security/cve/CVE-2024-27388"
},
{
"category": "external",
"summary": "SUSE Bug 1223744 for CVE-2024-27388",
"url": "https://bugzilla.suse.com/1223744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_216-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.216.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.216.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.216.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-30T14:27:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27388"
}
]
}
suse-su-2024:4367-1
Vulnerability from csaf_suse
Published
2024-12-17 17:59
Modified
2024-12-17 17:59
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48853: swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1228015).
- CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hci_error_reset (bsc#1222413).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).
- CVE-2024-27051: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (bsc#1223769).
- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).
- CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-46771: can: bcm: Remove proc entry when dev is unregistered (bsc#1230766).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49938: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (bsc#1232552).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-50044: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (bsc#1231904).
- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).
- CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520).
- CVE-2024-50074: parport: Proper fix for array out-of-bounds access (bsc#1232507).
- CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent (bsc#1232873).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50117: drm/amd: Guard against bad data for ATIF ACPI method (bsc#1232897).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888).
- CVE-2024-50148: Bluetooth: bnep: fix wild-memory-access in proto_unregister (bsc#1233063).
- CVE-2024-50150: usb: typec: altmode should keep reference to parent (bsc#1233051).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50183: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1233130).
- CVE-2024-50187: drm/vc4: Stop the active perfmon before being destroyed (bsc#1233108).
- CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103).
- CVE-2024-50218: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (bsc#1233191).
- CVE-2024-50234: wifi: iwlegacy: Clear stale interrupts before resuming device (bsc#1233211).
- CVE-2024-50236: wifi: ath10k: Fix memory leak in management tx (bsc#1233212).
- CVE-2024-50237: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (bsc#1233216).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50265: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (bsc#1233454).
- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
- CVE-2024-53066: nfs: Fix KMSAN warning in decode_getfattr_attrs() (bsc#1233560).
- CVE-2024-53085: tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 bsc#1233577).
- CVE-2024-53088: i40e: fix race condition by adding filter's intermediate sync state (bsc#1233580).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).
The following non-security bugs were fixed:
- drm/vc4: Warn if some v3d code is run on BCM2711 (bsc#1233108).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644).
- lpfc: size cpu map by last cpu id set (bsc#1157160).
- net: relax socket state check at accept time (git-fixes).
- ocfs2: uncache inode which has failed entering the group (bsc#1234087).
Patchnames
SUSE-2024-4367,SUSE-SLE-HA-12-SP5-2024-4367,SUSE-SLE-Live-Patching-12-SP5-2024-4367,SUSE-SLE-SERVER-12-SP5-LTSS-2024-4367,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4367
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-48853: swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1228015).\n- CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hci_error_reset (bsc#1222413).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).\n- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).\n- CVE-2024-27051: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value (bsc#1223769).\n- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).\n- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).\n- CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).\n- CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).\n- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).\n- CVE-2024-46771: can: bcm: Remove proc entry when dev is unregistered (bsc#1230766).\n- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).\n- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).\n- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).\n- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()\u0026iput() (bsc#1231930).\n- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).\n- CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251).\n- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).\n- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).\n- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)\n- CVE-2024-49938: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (bsc#1232552).\n- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).\n- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).\n- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).\n- CVE-2024-50044: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (bsc#1231904).\n- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).\n- CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520).\n- CVE-2024-50074: parport: Proper fix for array out-of-bounds access (bsc#1232507).\n- CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent (bsc#1232873).\n- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).\n- CVE-2024-50117: drm/amd: Guard against bad data for ATIF ACPI method (bsc#1232897).\n- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).\n- CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888).\n- CVE-2024-50148: Bluetooth: bnep: fix wild-memory-access in proto_unregister (bsc#1233063).\n- CVE-2024-50150: usb: typec: altmode should keep reference to parent (bsc#1233051).\n- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).\n- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).\n- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).\n- CVE-2024-50183: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1233130).\n- CVE-2024-50187: drm/vc4: Stop the active perfmon before being destroyed (bsc#1233108).\n- CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103).\n- CVE-2024-50218: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (bsc#1233191).\n- CVE-2024-50234: wifi: iwlegacy: Clear stale interrupts before resuming device (bsc#1233211).\n- CVE-2024-50236: wifi: ath10k: Fix memory leak in management tx (bsc#1233212).\n- CVE-2024-50237: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (bsc#1233216).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233453).\n- CVE-2024-50265: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (bsc#1233454).\n- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).\n- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).\n- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).\n- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).\n- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).\n- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).\n- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).\n- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).\n- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).\n- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).\n- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).\n- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).\n- CVE-2024-53066: nfs: Fix KMSAN warning in decode_getfattr_attrs() (bsc#1233560).\n- CVE-2024-53085: tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 bsc#1233577).\n- CVE-2024-53088: i40e: fix race condition by adding filter\u0027s intermediate sync state (bsc#1233580).\n- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).\n- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).\n\nThe following non-security bugs were fixed:\n\n- drm/vc4: Warn if some v3d code is run on BCM2711 (bsc#1233108).\n- initramfs: avoid filename buffer overrun (bsc#1232436).\n- kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644).\n- lpfc: size cpu map by last cpu id set (bsc#1157160).\n- net: relax socket state check at accept time (git-fixes).\n- ocfs2: uncache inode which has failed entering the group (bsc#1234087).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-4367,SUSE-SLE-HA-12-SP5-2024-4367,SUSE-SLE-Live-Patching-12-SP5-2024-4367,SUSE-SLE-SERVER-12-SP5-LTSS-2024-4367,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4367",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_4367-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:4367-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20244367-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:4367-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020025.html"
},
{
"category": "self",
"summary": "SUSE Bug 1082555",
"url": "https://bugzilla.suse.com/1082555"
},
{
"category": "self",
"summary": "SUSE Bug 1157160",
"url": "https://bugzilla.suse.com/1157160"
},
{
"category": "self",
"summary": "SUSE Bug 1218644",
"url": "https://bugzilla.suse.com/1218644"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1222364",
"url": "https://bugzilla.suse.com/1222364"
},
{
"category": "self",
"summary": "SUSE Bug 1222413",
"url": "https://bugzilla.suse.com/1222413"
},
{
"category": "self",
"summary": "SUSE Bug 1223044",
"url": "https://bugzilla.suse.com/1223044"
},
{
"category": "self",
"summary": "SUSE Bug 1223057",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "self",
"summary": "SUSE Bug 1223769",
"url": "https://bugzilla.suse.com/1223769"
},
{
"category": "self",
"summary": "SUSE Bug 1224526",
"url": "https://bugzilla.suse.com/1224526"
},
{
"category": "self",
"summary": "SUSE Bug 1225730",
"url": "https://bugzilla.suse.com/1225730"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225764",
"url": "https://bugzilla.suse.com/1225764"
},
{
"category": "self",
"summary": "SUSE Bug 1228015",
"url": "https://bugzilla.suse.com/1228015"
},
{
"category": "self",
"summary": "SUSE Bug 1228650",
"url": "https://bugzilla.suse.com/1228650"
},
{
"category": "self",
"summary": "SUSE Bug 1228708",
"url": "https://bugzilla.suse.com/1228708"
},
{
"category": "self",
"summary": "SUSE Bug 1228779",
"url": "https://bugzilla.suse.com/1228779"
},
{
"category": "self",
"summary": "SUSE Bug 1230231",
"url": "https://bugzilla.suse.com/1230231"
},
{
"category": "self",
"summary": "SUSE Bug 1230429",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "self",
"summary": "SUSE Bug 1230766",
"url": "https://bugzilla.suse.com/1230766"
},
{
"category": "self",
"summary": "SUSE Bug 1230773",
"url": "https://bugzilla.suse.com/1230773"
},
{
"category": "self",
"summary": "SUSE Bug 1230784",
"url": "https://bugzilla.suse.com/1230784"
},
{
"category": "self",
"summary": "SUSE Bug 1230827",
"url": "https://bugzilla.suse.com/1230827"
},
{
"category": "self",
"summary": "SUSE Bug 1231184",
"url": "https://bugzilla.suse.com/1231184"
},
{
"category": "self",
"summary": "SUSE Bug 1231439",
"url": "https://bugzilla.suse.com/1231439"
},
{
"category": "self",
"summary": "SUSE Bug 1231904",
"url": "https://bugzilla.suse.com/1231904"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231930",
"url": "https://bugzilla.suse.com/1231930"
},
{
"category": "self",
"summary": "SUSE Bug 1232157",
"url": "https://bugzilla.suse.com/1232157"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232165",
"url": "https://bugzilla.suse.com/1232165"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232224",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "self",
"summary": "SUSE Bug 1232251",
"url": "https://bugzilla.suse.com/1232251"
},
{
"category": "self",
"summary": "SUSE Bug 1232272",
"url": "https://bugzilla.suse.com/1232272"
},
{
"category": "self",
"summary": "SUSE Bug 1232329",
"url": "https://bugzilla.suse.com/1232329"
},
{
"category": "self",
"summary": "SUSE Bug 1232371",
"url": "https://bugzilla.suse.com/1232371"
},
{
"category": "self",
"summary": "SUSE Bug 1232436",
"url": "https://bugzilla.suse.com/1232436"
},
{
"category": "self",
"summary": "SUSE Bug 1232507",
"url": "https://bugzilla.suse.com/1232507"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232552",
"url": "https://bugzilla.suse.com/1232552"
},
{
"category": "self",
"summary": "SUSE Bug 1232873",
"url": "https://bugzilla.suse.com/1232873"
},
{
"category": "self",
"summary": "SUSE Bug 1232887",
"url": "https://bugzilla.suse.com/1232887"
},
{
"category": "self",
"summary": "SUSE Bug 1232888",
"url": "https://bugzilla.suse.com/1232888"
},
{
"category": "self",
"summary": "SUSE Bug 1232897",
"url": "https://bugzilla.suse.com/1232897"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1232928",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "self",
"summary": "SUSE Bug 1233049",
"url": "https://bugzilla.suse.com/1233049"
},
{
"category": "self",
"summary": "SUSE Bug 1233051",
"url": "https://bugzilla.suse.com/1233051"
},
{
"category": "self",
"summary": "SUSE Bug 1233057",
"url": "https://bugzilla.suse.com/1233057"
},
{
"category": "self",
"summary": "SUSE Bug 1233063",
"url": "https://bugzilla.suse.com/1233063"
},
{
"category": "self",
"summary": "SUSE Bug 1233070",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "self",
"summary": "SUSE Bug 1233097",
"url": "https://bugzilla.suse.com/1233097"
},
{
"category": "self",
"summary": "SUSE Bug 1233103",
"url": "https://bugzilla.suse.com/1233103"
},
{
"category": "self",
"summary": "SUSE Bug 1233108",
"url": "https://bugzilla.suse.com/1233108"
},
{
"category": "self",
"summary": "SUSE Bug 1233111",
"url": "https://bugzilla.suse.com/1233111"
},
{
"category": "self",
"summary": "SUSE Bug 1233123",
"url": "https://bugzilla.suse.com/1233123"
},
{
"category": "self",
"summary": "SUSE Bug 1233130",
"url": "https://bugzilla.suse.com/1233130"
},
{
"category": "self",
"summary": "SUSE Bug 1233191",
"url": "https://bugzilla.suse.com/1233191"
},
{
"category": "self",
"summary": "SUSE Bug 1233211",
"url": "https://bugzilla.suse.com/1233211"
},
{
"category": "self",
"summary": "SUSE Bug 1233212",
"url": "https://bugzilla.suse.com/1233212"
},
{
"category": "self",
"summary": "SUSE Bug 1233216",
"url": "https://bugzilla.suse.com/1233216"
},
{
"category": "self",
"summary": "SUSE Bug 1233453",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "self",
"summary": "SUSE Bug 1233454",
"url": "https://bugzilla.suse.com/1233454"
},
{
"category": "self",
"summary": "SUSE Bug 1233456",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "self",
"summary": "SUSE Bug 1233462",
"url": "https://bugzilla.suse.com/1233462"
},
{
"category": "self",
"summary": "SUSE Bug 1233467",
"url": "https://bugzilla.suse.com/1233467"
},
{
"category": "self",
"summary": "SUSE Bug 1233468",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "self",
"summary": "SUSE Bug 1233478",
"url": "https://bugzilla.suse.com/1233478"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233485",
"url": "https://bugzilla.suse.com/1233485"
},
{
"category": "self",
"summary": "SUSE Bug 1233490",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "self",
"summary": "SUSE Bug 1233491",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "self",
"summary": "SUSE Bug 1233552",
"url": "https://bugzilla.suse.com/1233552"
},
{
"category": "self",
"summary": "SUSE Bug 1233555",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233560",
"url": "https://bugzilla.suse.com/1233560"
},
{
"category": "self",
"summary": "SUSE Bug 1233577",
"url": "https://bugzilla.suse.com/1233577"
},
{
"category": "self",
"summary": "SUSE Bug 1233580",
"url": "https://bugzilla.suse.com/1233580"
},
{
"category": "self",
"summary": "SUSE Bug 1234025",
"url": "https://bugzilla.suse.com/1234025"
},
{
"category": "self",
"summary": "SUSE Bug 1234072",
"url": "https://bugzilla.suse.com/1234072"
},
{
"category": "self",
"summary": "SUSE Bug 1234087",
"url": "https://bugzilla.suse.com/1234087"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48853 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26801 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42131 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42229 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46771 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47660 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50044 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50117 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50148 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50150 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50154 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50167 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50171 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50179 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50183 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50187 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50194 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50195 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50210 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50234 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50265 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50267 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50273 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50278 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50278/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50279 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50289 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50296 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50302 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53066 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53104 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53114 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53142 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53142/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-12-17T17:59:49Z",
"generator": {
"date": "2024-12-17T17:59:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:4367-1",
"initial_release_date": "2024-12-17T17:59:49Z",
"revision_history": [
{
"date": "2024-12-17T17:59:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-122.237.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.237.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-122.237.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.237.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.237.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.237.1.noarch",
"product_id": "kernel-devel-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-122.237.1.noarch",
"product_id": "kernel-docs-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-122.237.1.noarch",
"product_id": "kernel-docs-html-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.237.1.noarch",
"product_id": "kernel-macros-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.237.1.noarch",
"product_id": "kernel-source-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-122.237.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-122.237.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-debug-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-extra-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-122.237.1.s390x",
"product_id": "kernel-obs-build-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-122.237.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.s390x",
"product_id": "kernel-syms-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-122.237.1.s390x",
"product_id": "kernel-vanilla-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.237.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.237.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-122.237.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-122.237.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-122.237.1.x86_64",
"product_id": "kernel-debug-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-122.237.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-122.237.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-122.237.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-122.237.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-122.237.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-122.237.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.237.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-122.237.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.237.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.237.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2022-48853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: fix info leak with DMA_FROM_DEVICE\n\nThe problem I\u0027m addressing was discovered by the LTP test covering\ncve-2018-1000204.\n\nA short description of what happens follows:\n1) The test case issues a command code 00 (TEST UNIT READY) via the SG_IO\n interface with: dxfer_len == 524288, dxdfer_dir == SG_DXFER_FROM_DEV\n and a corresponding dxferp. The peculiar thing about this is that TUR\n is not reading from the device.\n2) In sg_start_req() the invocation of blk_rq_map_user() effectively\n bounces the user-space buffer. As if the device was to transfer into\n it. Since commit a45b599ad808 (\"scsi: sg: allocate with __GFP_ZERO in\n sg_build_indirect()\") we make sure this first bounce buffer is\n allocated with GFP_ZERO.\n3) For the rest of the story we keep ignoring that we have a TUR, so the\n device won\u0027t touch the buffer we prepare as if the we had a\n DMA_FROM_DEVICE type of situation. My setup uses a virtio-scsi device\n and the buffer allocated by SG is mapped by the function\n virtqueue_add_split() which uses DMA_FROM_DEVICE for the \"in\" sgs (here\n scatter-gather and not scsi generics). This mapping involves bouncing\n via the swiotlb (we need swiotlb to do virtio in protected guest like\n s390 Secure Execution, or AMD SEV).\n4) When the SCSI TUR is done, we first copy back the content of the second\n (that is swiotlb) bounce buffer (which most likely contains some\n previous IO data), to the first bounce buffer, which contains all\n zeros. Then we copy back the content of the first bounce buffer to\n the user-space buffer.\n5) The test case detects that the buffer, which it zero-initialized,\n ain\u0027t all zeros and fails.\n\nOne can argue that this is an swiotlb problem, because without swiotlb\nwe leak all zeros, and the swiotlb should be transparent in a sense that\nit does not affect the outcome (if all other participants are well\nbehaved).\n\nCopying the content of the original buffer into the swiotlb buffer is\nthe only way I can think of to make swiotlb transparent in such\nscenarios. So let\u0027s do just that if in doubt, but allow the driver\nto tell us that the whole mapped buffer is going to be overwritten,\nin which case we can preserve the old behavior and avoid the performance\nimpact of the extra bounce.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48853",
"url": "https://www.suse.com/security/cve/CVE-2022-48853"
},
{
"category": "external",
"summary": "SUSE Bug 1228015 for CVE-2022-48853",
"url": "https://bugzilla.suse.com/1228015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-48853"
},
{
"cve": "CVE-2024-26801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Avoid potential use-after-free in hci_error_reset\n\nWhile handling the HCI_EV_HARDWARE_ERROR event, if the underlying\nBT controller is not responding, the GPIO reset mechanism would\nfree the hci_dev and lead to a use-after-free in hci_error_reset.\n\nHere\u0027s the call trace observed on a ChromeOS device with Intel AX201:\n queue_work_on+0x3e/0x6c\n __hci_cmd_sync_sk+0x2ee/0x4c0 [bluetooth \u003cHASH:3b4a6\u003e]\n ? init_wait_entry+0x31/0x31\n __hci_cmd_sync+0x16/0x20 [bluetooth \u003cHASH:3b4a 6\u003e]\n hci_error_reset+0x4f/0xa4 [bluetooth \u003cHASH:3b4a 6\u003e]\n process_one_work+0x1d8/0x33f\n worker_thread+0x21b/0x373\n kthread+0x13a/0x152\n ? pr_cont_work+0x54/0x54\n ? kthread_blkcg+0x31/0x31\n ret_from_fork+0x1f/0x30\n\nThis patch holds the reference count on the hci_dev while processing\na HCI_EV_HARDWARE_ERROR event to avoid potential crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26801",
"url": "https://www.suse.com/security/cve/CVE-2024-26801"
},
{
"category": "external",
"summary": "SUSE Bug 1222413 for CVE-2024-26801",
"url": "https://bugzilla.suse.com/1222413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-26801"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: af_bluetooth: Fix deadlock\n\nAttemting to do sock_lock on .recvmsg may cause a deadlock as shown\nbellow, so instead of using sock_sock this uses sk_receive_queue.lock\non bt_sock_ioctl to avoid the UAF:\n\nINFO: task kworker/u9:1:121 blocked for more than 30 seconds.\n Not tainted 6.7.6-lemon #183\nWorkqueue: hci0 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x37d/0xa00\n schedule+0x32/0xe0\n __lock_sock+0x68/0xa0\n ? __pfx_autoremove_wake_function+0x10/0x10\n lock_sock_nested+0x43/0x50\n l2cap_sock_recv_cb+0x21/0xa0\n l2cap_recv_frame+0x55b/0x30a0\n ? psi_task_switch+0xeb/0x270\n ? finish_task_switch.isra.0+0x93/0x2a0\n hci_rx_work+0x33a/0x3f0\n process_one_work+0x13a/0x2f0\n worker_thread+0x2f0/0x410\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe0/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2c/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26886",
"url": "https://www.suse.com/security/cve/CVE-2024-26886"
},
{
"category": "external",
"summary": "SUSE Bug 1223044 for CVE-2024-26886",
"url": "https://bugzilla.suse.com/1223044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-26886"
},
{
"cve": "CVE-2024-27051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27051",
"url": "https://www.suse.com/security/cve/CVE-2024-27051"
},
{
"category": "external",
"summary": "SUSE Bug 1223769 for CVE-2024-27051",
"url": "https://bugzilla.suse.com/1223769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-27051"
},
{
"cve": "CVE-2024-35937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: check A-MSDU format more carefully\n\nIf it looks like there\u0027s another subframe in the A-MSDU\nbut the header isn\u0027t fully there, we can end up reading\ndata out of bounds, only to discard later. Make this a\nbit more careful and check if the subframe header can\neven be present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35937",
"url": "https://www.suse.com/security/cve/CVE-2024-35937"
},
{
"category": "external",
"summary": "SUSE Bug 1224526 for CVE-2024-35937",
"url": "https://bugzilla.suse.com/1224526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-35937"
},
{
"cve": "CVE-2024-36886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix UAF in error path\n\nSam Page (sam4k) working with Trend Micro Zero Day Initiative reported\na UAF in the tipc_buf_append() error path:\n\nBUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0\nlinux/net/core/skbuff.c:1183\nRead of size 8 at addr ffff88804d2a7c80 by task poc/8034\n\nCPU: 1 PID: 8034 Comm: poc Not tainted 6.8.2 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.0-debian-1.16.0-5 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack linux/lib/dump_stack.c:88\n dump_stack_lvl+0xd9/0x1b0 linux/lib/dump_stack.c:106\n print_address_description linux/mm/kasan/report.c:377\n print_report+0xc4/0x620 linux/mm/kasan/report.c:488\n kasan_report+0xda/0x110 linux/mm/kasan/report.c:601\n kfree_skb_list_reason+0x47e/0x4c0 linux/net/core/skbuff.c:1183\n skb_release_data+0x5af/0x880 linux/net/core/skbuff.c:1026\n skb_release_all linux/net/core/skbuff.c:1094\n __kfree_skb linux/net/core/skbuff.c:1108\n kfree_skb_reason+0x12d/0x210 linux/net/core/skbuff.c:1144\n kfree_skb linux/./include/linux/skbuff.h:1244\n tipc_buf_append+0x425/0xb50 linux/net/tipc/msg.c:186\n tipc_link_input+0x224/0x7c0 linux/net/tipc/link.c:1324\n tipc_link_rcv+0x76e/0x2d70 linux/net/tipc/link.c:1824\n tipc_rcv+0x45f/0x10f0 linux/net/tipc/node.c:2159\n tipc_udp_recv+0x73b/0x8f0 linux/net/tipc/udp_media.c:390\n udp_queue_rcv_one_skb+0xad2/0x1850 linux/net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x131/0xb00 linux/net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x165/0x3b0 linux/net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x2594/0x3400 linux/net/ipv4/udp.c:2422\n ip_protocol_deliver_rcu+0x30c/0x4e0 linux/net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2e4/0x520 linux/net/ipv4/ip_input.c:233\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_local_deliver+0x18e/0x1f0 linux/net/ipv4/ip_input.c:254\n dst_input linux/./include/net/dst.h:461\n ip_rcv_finish linux/net/ipv4/ip_input.c:449\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_rcv+0x2c5/0x5d0 linux/net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core+0x199/0x1e0 linux/net/core/dev.c:5534\n __netif_receive_skb+0x1f/0x1c0 linux/net/core/dev.c:5648\n process_backlog+0x101/0x6b0 linux/net/core/dev.c:5976\n __napi_poll.constprop.0+0xba/0x550 linux/net/core/dev.c:6576\n napi_poll linux/net/core/dev.c:6645\n net_rx_action+0x95a/0xe90 linux/net/core/dev.c:6781\n __do_softirq+0x21f/0x8e7 linux/kernel/softirq.c:553\n do_softirq linux/kernel/softirq.c:454\n do_softirq+0xb2/0xf0 linux/kernel/softirq.c:441\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x100/0x120 linux/kernel/softirq.c:381\n local_bh_enable linux/./include/linux/bottom_half.h:33\n rcu_read_unlock_bh linux/./include/linux/rcupdate.h:851\n __dev_queue_xmit+0x871/0x3ee0 linux/net/core/dev.c:4378\n dev_queue_xmit linux/./include/linux/netdevice.h:3169\n neigh_hh_output linux/./include/net/neighbour.h:526\n neigh_output linux/./include/net/neighbour.h:540\n ip_finish_output2+0x169f/0x2550 linux/net/ipv4/ip_output.c:235\n __ip_finish_output linux/net/ipv4/ip_output.c:313\n __ip_finish_output+0x49e/0x950 linux/net/ipv4/ip_output.c:295\n ip_finish_output+0x31/0x310 linux/net/ipv4/ip_output.c:323\n NF_HOOK_COND linux/./include/linux/netfilter.h:303\n ip_output+0x13b/0x2a0 linux/net/ipv4/ip_output.c:433\n dst_output linux/./include/net/dst.h:451\n ip_local_out linux/net/ipv4/ip_output.c:129\n ip_send_skb+0x3e5/0x560 linux/net/ipv4/ip_output.c:1492\n udp_send_skb+0x73f/0x1530 linux/net/ipv4/udp.c:963\n udp_sendmsg+0x1a36/0x2b40 linux/net/ipv4/udp.c:1250\n inet_sendmsg+0x105/0x140 linux/net/ipv4/af_inet.c:850\n sock_sendmsg_nosec linux/net/socket.c:730\n __sock_sendmsg linux/net/socket.c:745\n __sys_sendto+0x42c/0x4e0 linux/net/socket.c:2191\n __do_sys_sendto linux/net/socket.c:2203\n __se_sys_sendto linux/net/socket.c:2199\n __x64_sys_sendto+0xe0/0x1c0 linux/net/socket.c:2199\n do_syscall_x64 linux/arch/x86/entry/common.c:52\n do_syscall_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36886",
"url": "https://www.suse.com/security/cve/CVE-2024-36886"
},
{
"category": "external",
"summary": "SUSE Bug 1225730 for CVE-2024-36886",
"url": "https://bugzilla.suse.com/1225730"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-36886",
"url": "https://bugzilla.suse.com/1225742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-36886"
},
{
"cve": "CVE-2024-36905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets\n\nTCP_SYN_RECV state is really special, it is only used by\ncross-syn connections, mostly used by fuzzers.\n\nIn the following crash [1], syzbot managed to trigger a divide\nby zero in tcp_rcv_space_adjust()\n\nA socket makes the following state transitions,\nwithout ever calling tcp_init_transfer(),\nmeaning tcp_init_buffer_space() is also not called.\n\n TCP_CLOSE\nconnect()\n TCP_SYN_SENT\n TCP_SYN_RECV\nshutdown() -\u003e tcp_shutdown(sk, SEND_SHUTDOWN)\n TCP_FIN_WAIT1\n\nTo fix this issue, change tcp_shutdown() to not\nperform a TCP_SYN_RECV -\u003e TCP_FIN_WAIT1 transition,\nwhich makes no sense anyway.\n\nWhen tcp_rcv_state_process() later changes socket state\nfrom TCP_SYN_RECV to TCP_ESTABLISH, then look at\nsk-\u003esk_shutdown to finally enter TCP_FIN_WAIT1 state,\nand send a FIN packet from a sane socket state.\n\nThis means tcp_send_fin() can now be called from BH\ncontext, and must use GFP_ATOMIC allocations.\n\n[1]\ndivide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 1 PID: 5084 Comm: syz-executor358 Not tainted 6.9.0-rc6-syzkaller-00022-g98369dccd2f8 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:tcp_rcv_space_adjust+0x2df/0x890 net/ipv4/tcp_input.c:767\nCode: e3 04 4c 01 eb 48 8b 44 24 38 0f b6 04 10 84 c0 49 89 d5 0f 85 a5 03 00 00 41 8b 8e c8 09 00 00 89 e8 29 c8 48 0f af c3 31 d2 \u003c48\u003e f7 f1 48 8d 1c 43 49 8d 96 76 08 00 00 48 89 d0 48 c1 e8 03 48\nRSP: 0018:ffffc900031ef3f0 EFLAGS: 00010246\nRAX: 0c677a10441f8f42 RBX: 000000004fb95e7e RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000027d4b11f R08: ffffffff89e535a4 R09: 1ffffffff25e6ab7\nR10: dffffc0000000000 R11: ffffffff8135e920 R12: ffff88802a9f8d30\nR13: dffffc0000000000 R14: ffff88802a9f8d00 R15: 1ffff1100553f2da\nFS: 00005555775c0380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1155bf2304 CR3: 000000002b9f2000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcp_recvmsg_locked+0x106d/0x25a0 net/ipv4/tcp.c:2513\n tcp_recvmsg+0x25d/0x920 net/ipv4/tcp.c:2578\n inet6_recvmsg+0x16a/0x730 net/ipv6/af_inet6.c:680\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2803\n ___sys_recvmsg net/socket.c:2845 [inline]\n do_recvmmsg+0x474/0xae0 net/socket.c:2939\n __sys_recvmmsg net/socket.c:3018 [inline]\n __do_sys_recvmmsg net/socket.c:3041 [inline]\n __se_sys_recvmmsg net/socket.c:3034 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3034\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7faeb6363db9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcc1997168 EFLAGS: 00000246 ORIG_RAX: 000000000000012b\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faeb6363db9\nRDX: 0000000000000001 RSI: 0000000020000bc0 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000001c\nR10: 0000000000000122 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36905",
"url": "https://www.suse.com/security/cve/CVE-2024-36905"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-36905",
"url": "https://bugzilla.suse.com/1225742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-36905"
},
{
"cve": "CVE-2024-36954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36954",
"url": "https://www.suse.com/security/cve/CVE-2024-36954"
},
{
"category": "external",
"summary": "SUSE Bug 1225764 for CVE-2024-36954",
"url": "https://bugzilla.suse.com/1225764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-36954"
},
{
"cve": "CVE-2024-42098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ecdh - explicitly zeroize private_key\n\nprivate_key is overwritten with the key parameter passed in by the\ncaller (if present), or alternatively a newly generated private key.\nHowever, it is possible that the caller provides a key (or the newly\ngenerated key) which is shorter than the previous key. In that\nscenario, some key material from the previous key would not be\noverwritten. The easiest solution is to explicitly zeroize the entire\nprivate_key array first.\n\nNote that this patch slightly changes the behavior of this function:\npreviously, if the ecc_gen_privkey failed, the old private_key would\nremain. Now, the private_key is always zeroized. This behavior is\nconsistent with the case where params.key is set and ecc_is_key_valid\nfails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42098",
"url": "https://www.suse.com/security/cve/CVE-2024-42098"
},
{
"category": "external",
"summary": "SUSE Bug 1228779 for CVE-2024-42098",
"url": "https://bugzilla.suse.com/1228779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-42098"
},
{
"cve": "CVE-2024-42131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid overflows in dirty throttling logic\n\nThe dirty throttling logic is interspersed with assumptions that dirty\nlimits in PAGE_SIZE units fit into 32-bit (so that various multiplications\nfit into 64-bits). If limits end up being larger, we will hit overflows,\npossible divisions by 0 etc. Fix these problems by never allowing so\nlarge dirty limits as they have dubious practical value anyway. For\ndirty_bytes / dirty_background_bytes interfaces we can just refuse to set\nso large limits. For dirty_ratio / dirty_background_ratio it isn\u0027t so\nsimple as the dirty limit is computed from the amount of available memory\nwhich can change due to memory hotplug etc. So when converting dirty\nlimits from ratios to numbers of pages, we just don\u0027t allow the result to\nexceed UINT_MAX.\n\nThis is root-only triggerable problem which occurs when the operator\nsets dirty limits to \u003e16 TB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42131",
"url": "https://www.suse.com/security/cve/CVE-2024-42131"
},
{
"category": "external",
"summary": "SUSE Bug 1228650 for CVE-2024-42131",
"url": "https://bugzilla.suse.com/1228650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-42131"
},
{
"cve": "CVE-2024-42229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: aead,cipher - zeroize key buffer after use\n\nI.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding\ncryptographic information should be zeroized once they are no longer\nneeded. Accomplish this by using kfree_sensitive for buffers that\npreviously held the private key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42229",
"url": "https://www.suse.com/security/cve/CVE-2024-42229"
},
{
"category": "external",
"summary": "SUSE Bug 1228708 for CVE-2024-42229",
"url": "https://bugzilla.suse.com/1228708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-42229"
},
{
"cve": "CVE-2024-44995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n |\n \u25bc\n ......\nsetup tc |\n | \u25bc\n \u25bc DOWN: napi_disable()\nnapi_disable()(skip) |\n | |\n \u25bc \u25bc\n ...... ......\n | |\n \u25bc |\nnapi_enable() |\n \u25bc\n UINIT: netif_napi_del()\n |\n \u25bc\n ......\n |\n \u25bc\n INIT: netif_napi_add()\n |\n \u25bc\n ...... global reset start\n | |\n \u25bc \u25bc\n UP: napi_enable()(skip) ......\n | |\n \u25bc \u25bc\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44995",
"url": "https://www.suse.com/security/cve/CVE-2024-44995"
},
{
"category": "external",
"summary": "SUSE Bug 1230231 for CVE-2024-44995",
"url": "https://bugzilla.suse.com/1230231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-44995"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-46771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Remove proc entry when dev is unregistered.\n\nsyzkaller reported a warning in bcm_connect() below. [0]\n\nThe repro calls connect() to vxcan1, removes vxcan1, and calls\nconnect() with ifindex == 0.\n\nCalling connect() for a BCM socket allocates a proc entry.\nThen, bcm_sk(sk)-\u003ebound is set to 1 to prevent further connect().\n\nHowever, removing the bound device resets bcm_sk(sk)-\u003ebound to 0\nin bcm_notify().\n\nThe 2nd connect() tries to allocate a proc entry with the same\nname and sets NULL to bcm_sk(sk)-\u003ebcm_proc_read, leaking the\noriginal proc entry.\n\nSince the proc entry is available only for connect()ed sockets,\nlet\u0027s clean up the entry when the bound netdev is unregistered.\n\n[0]:\nproc_dir_entry \u0027can-bcm/2456\u0027 already registered\nWARNING: CPU: 1 PID: 394 at fs/proc/generic.c:376 proc_register+0x645/0x8f0 fs/proc/generic.c:375\nModules linked in:\nCPU: 1 PID: 394 Comm: syz-executor403 Not tainted 6.10.0-rc7-g852e42cc2dd4\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:proc_register+0x645/0x8f0 fs/proc/generic.c:375\nCode: 00 00 00 00 00 48 85 ed 0f 85 97 02 00 00 4d 85 f6 0f 85 9f 02 00 00 48 c7 c7 9b cb cf 87 48 89 de 4c 89 fa e8 1c 6f eb fe 90 \u003c0f\u003e 0b 90 90 48 c7 c7 98 37 99 89 e8 cb 7e 22 05 bb 00 00 00 10 48\nRSP: 0018:ffa0000000cd7c30 EFLAGS: 00010246\nRAX: 9e129be1950f0200 RBX: ff1100011b51582c RCX: ff1100011857cd80\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002\nRBP: 0000000000000000 R08: ffd400000000000f R09: ff1100013e78cac0\nR10: ffac800000cd7980 R11: ff1100013e12b1f0 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ff1100011a99a2ec\nFS: 00007fbd7086f740(0000) GS:ff1100013fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200071c0 CR3: 0000000118556004 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n proc_create_net_single+0x144/0x210 fs/proc/proc_net.c:220\n bcm_connect+0x472/0x840 net/can/bcm.c:1673\n __sys_connect_file net/socket.c:2049 [inline]\n __sys_connect+0x5d2/0x690 net/socket.c:2066\n __do_sys_connect net/socket.c:2076 [inline]\n __se_sys_connect net/socket.c:2073 [inline]\n __x64_sys_connect+0x8f/0x100 net/socket.c:2073\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1c0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7fbd708b0e5d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48\nRSP: 002b:00007fff8cd33f08 EFLAGS: 00000246 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbd708b0e5d\nRDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000040\nR10: 0000000000000040 R11: 0000000000000246 R12: 00007fff8cd34098\nR13: 0000000000401280 R14: 0000000000406de8 R15: 00007fbd70ab9000\n \u003c/TASK\u003e\nremove_proc_entry: removing non-empty directory \u0027net/can-bcm\u0027, leaking at least \u00272456\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46771",
"url": "https://www.suse.com/security/cve/CVE-2024-46771"
},
{
"category": "external",
"summary": "SUSE Bug 1230766 for CVE-2024-46771",
"url": "https://bugzilla.suse.com/1230766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-46771"
},
{
"cve": "CVE-2024-46777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Avoid excessive partition lengths\n\nAvoid mounting filesystems where the partition would overflow the\n32-bits used for block number. Also refuse to mount filesystems where\nthe partition length is so large we cannot safely index bits in a\nblock bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46777",
"url": "https://www.suse.com/security/cve/CVE-2024-46777"
},
{
"category": "external",
"summary": "SUSE Bug 1230773 for CVE-2024-46777",
"url": "https://bugzilla.suse.com/1230773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-46777"
},
{
"cve": "CVE-2024-46800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch/netem: fix use after free in netem_dequeue\n\nIf netem_dequeue() enqueues packet to inner qdisc and that qdisc\nreturns __NET_XMIT_STOLEN. The packet is dropped but\nqdisc_tree_reduce_backlog() is not called to update the parent\u0027s\nq.qlen, leading to the similar use-after-free as Commit\ne04991a48dbaf382 (\"netem: fix return value if duplicate enqueue\nfails\")\n\nCommands to trigger KASAN UaF:\n\nip link add type dummy\nip link set lo up\nip link set dummy0 up\ntc qdisc add dev lo parent root handle 1: drr\ntc filter add dev lo parent 1: basic classid 1:1\ntc class add dev lo classid 1:1 drr\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2: handle 3: drr\ntc filter add dev lo parent 3: basic classid 3:1 action mirred egress\nredirect dev dummy0\ntc class add dev lo classid 3:1 drr\nping -c1 -W0.01 localhost # Trigger bug\ntc class del dev lo classid 1:1\ntc class add dev lo classid 1:1 drr\nping -c1 -W0.01 localhost # UaF",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46800",
"url": "https://www.suse.com/security/cve/CVE-2024-46800"
},
{
"category": "external",
"summary": "SUSE Bug 1230827 for CVE-2024-46800",
"url": "https://bugzilla.suse.com/1230827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-46800"
},
{
"cve": "CVE-2024-47660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: clear PARENT_WATCHED flags lazily\n\nIn some setups directories can have many (usually negative) dentries.\nHence __fsnotify_update_child_dentry_flags() function can take a\nsignificant amount of time. Since the bulk of this function happens\nunder inode-\u003ei_lock this causes a significant contention on the lock\nwhen we remove the watch from the directory as the\n__fsnotify_update_child_dentry_flags() call from fsnotify_recalc_mask()\nraces with __fsnotify_update_child_dentry_flags() calls from\n__fsnotify_parent() happening on children. This can lead upto softlockup\nreports reported by users.\n\nFix the problem by calling fsnotify_update_children_dentry_flags() to\nset PARENT_WATCHED flags only when parent starts watching children.\n\nWhen parent stops watching children, clear false positive PARENT_WATCHED\nflags lazily in __fsnotify_parent() for each accessed child.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47660",
"url": "https://www.suse.com/security/cve/CVE-2024-47660"
},
{
"category": "external",
"summary": "SUSE Bug 1231439 for CVE-2024-47660",
"url": "https://bugzilla.suse.com/1231439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "low"
}
],
"title": "CVE-2024-47660"
},
{
"cve": "CVE-2024-47679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: fix race between evice_inodes() and find_inode()\u0026iput()\n\nHi, all\n\nRecently I noticed a bug[1] in btrfs, after digged it into\nand I believe it\u0027a race in vfs.\n\nLet\u0027s assume there\u0027s a inode (ie ino 261) with i_count 1 is\ncalled by iput(), and there\u0027s a concurrent thread calling\ngeneric_shutdown_super().\n\ncpu0: cpu1:\niput() // i_count is 1\n -\u003espin_lock(inode)\n -\u003edec i_count to 0\n -\u003eiput_final() generic_shutdown_super()\n -\u003e__inode_add_lru() -\u003eevict_inodes()\n // cause some reason[2] -\u003eif (atomic_read(inode-\u003ei_count)) continue;\n // return before // inode 261 passed the above check\n // list_lru_add_obj() // and then schedule out\n -\u003espin_unlock()\n// note here: the inode 261\n// was still at sb list and hash list,\n// and I_FREEING|I_WILL_FREE was not been set\n\nbtrfs_iget()\n // after some function calls\n -\u003efind_inode()\n // found the above inode 261\n -\u003espin_lock(inode)\n // check I_FREEING|I_WILL_FREE\n // and passed\n -\u003e__iget()\n -\u003espin_unlock(inode) // schedule back\n -\u003espin_lock(inode)\n // check (I_NEW|I_FREEING|I_WILL_FREE) flags,\n // passed and set I_FREEING\niput() -\u003espin_unlock(inode)\n -\u003espin_lock(inode)\t\t\t -\u003eevict()\n // dec i_count to 0\n -\u003eiput_final()\n -\u003espin_unlock()\n -\u003eevict()\n\nNow, we have two threads simultaneously evicting\nthe same inode, which may trigger the BUG(inode-\u003ei_state \u0026 I_CLEAR)\nstatement both within clear_inode() and iput().\n\nTo fix the bug, recheck the inode-\u003ei_count after holding i_lock.\nBecause in the most scenarios, the first check is valid, and\nthe overhead of spin_lock() can be reduced.\n\nIf there is any misunderstanding, please let me know, thanks.\n\n[1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/\n[2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable()\nreturn false when I reproduced the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47679",
"url": "https://www.suse.com/security/cve/CVE-2024-47679"
},
{
"category": "external",
"summary": "SUSE Bug 1231930 for CVE-2024-47679",
"url": "https://bugzilla.suse.com/1231930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-47679"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-49858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefistub/tpm: Use ACPI reclaim memory for event log to avoid corruption\n\nThe TPM event log table is a Linux specific construct, where the data\nproduced by the GetEventLog() boot service is cached in memory, and\npassed on to the OS using an EFI configuration table.\n\nThe use of EFI_LOADER_DATA here results in the region being left\nunreserved in the E820 memory map constructed by the EFI stub, and this\nis the memory description that is passed on to the incoming kernel by\nkexec, which is therefore unaware that the region should be reserved.\n\nEven though the utility of the TPM2 event log after a kexec is\nquestionable, any corruption might send the parsing code off into the\nweeds and crash the kernel. So let\u0027s use EFI_ACPI_RECLAIM_MEMORY\ninstead, which is always treated as reserved by the E820 conversion\nlogic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49858",
"url": "https://www.suse.com/security/cve/CVE-2024-49858"
},
{
"category": "external",
"summary": "SUSE Bug 1232251 for CVE-2024-49858",
"url": "https://bugzilla.suse.com/1232251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49858"
},
{
"cve": "CVE-2024-49868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix a NULL pointer dereference when failed to start a new trasacntion\n\n[BUG]\nSyzbot reported a NULL pointer dereference with the following crash:\n\n FAULT_INJECTION: forcing a failure.\n start_transaction+0x830/0x1670 fs/btrfs/transaction.c:676\n prepare_to_relocate+0x31f/0x4c0 fs/btrfs/relocation.c:3642\n relocate_block_group+0x169/0xd20 fs/btrfs/relocation.c:3678\n ...\n BTRFS info (device loop0): balance: ended with status: -12\n Oops: general protection fault, probably for non-canonical address 0xdffffc00000000cc: 0000 [#1] PREEMPT SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000660-0x0000000000000667]\n RIP: 0010:btrfs_update_reloc_root+0x362/0xa80 fs/btrfs/relocation.c:926\n Call Trace:\n \u003cTASK\u003e\n commit_fs_roots+0x2ee/0x720 fs/btrfs/transaction.c:1496\n btrfs_commit_transaction+0xfaf/0x3740 fs/btrfs/transaction.c:2430\n del_balance_item fs/btrfs/volumes.c:3678 [inline]\n reset_balance_state+0x25e/0x3c0 fs/btrfs/volumes.c:3742\n btrfs_balance+0xead/0x10c0 fs/btrfs/volumes.c:4574\n btrfs_ioctl_balance+0x493/0x7c0 fs/btrfs/ioctl.c:3673\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[CAUSE]\nThe allocation failure happens at the start_transaction() inside\nprepare_to_relocate(), and during the error handling we call\nunset_reloc_control(), which makes fs_info-\u003ebalance_ctl to be NULL.\n\nThen we continue the error path cleanup in btrfs_balance() by calling\nreset_balance_state() which will call del_balance_item() to fully delete\nthe balance item in the root tree.\n\nHowever during the small window between set_reloc_contrl() and\nunset_reloc_control(), we can have a subvolume tree update and created a\nreloc_root for that subvolume.\n\nThen we go into the final btrfs_commit_transaction() of\ndel_balance_item(), and into btrfs_update_reloc_root() inside\ncommit_fs_roots().\n\nThat function checks if fs_info-\u003ereloc_ctl is in the merge_reloc_tree\nstage, but since fs_info-\u003ereloc_ctl is NULL, it results a NULL pointer\ndereference.\n\n[FIX]\nJust add extra check on fs_info-\u003ereloc_ctl inside\nbtrfs_update_reloc_root(), before checking\nfs_info-\u003ereloc_ctl-\u003emerge_reloc_tree.\n\nThat DEAD_RELOC_TREE handling is to prevent further modification to the\nreloc tree during merge stage, but since there is no reloc_ctl at all,\nwe do not need to bother that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49868",
"url": "https://www.suse.com/security/cve/CVE-2024-49868"
},
{
"category": "external",
"summary": "SUSE Bug 1232272 for CVE-2024-49868",
"url": "https://bugzilla.suse.com/1232272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49868"
},
{
"cve": "CVE-2024-49884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path-\u003ep_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49884",
"url": "https://www.suse.com/security/cve/CVE-2024-49884"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232198 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1232198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49884"
},
{
"cve": "CVE-2024-49921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before used\n\n[WHAT \u0026 HOW]\nPoniters, such as dc-\u003eclk_mgr, are null checked previously in the same\nfunction, so Coverity warns \"implies that \"dc-\u003eclk_mgr\" might be null\".\nAs a result, these pointers need to be checked when used again.\n\nThis fixes 10 FORWARD_NULL issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49921",
"url": "https://www.suse.com/security/cve/CVE-2024-49921"
},
{
"category": "external",
"summary": "SUSE Bug 1232371 for CVE-2024-49921",
"url": "https://bugzilla.suse.com/1232371"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49921"
},
{
"cve": "CVE-2024-49925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: efifb: Register sysfs groups through driver core\n\nThe driver core can register and cleanup sysfs groups already.\nMake use of that functionality to simplify the error handling and\ncleanup.\n\nAlso avoid a UAF race during unregistering where the sysctl attributes\nwere usable after the info struct was freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49925",
"url": "https://www.suse.com/security/cve/CVE-2024-49925"
},
{
"category": "external",
"summary": "SUSE Bug 1232224 for CVE-2024-49925",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "external",
"summary": "SUSE Bug 1232225 for CVE-2024-49925",
"url": "https://bugzilla.suse.com/1232225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49925"
},
{
"cve": "CVE-2024-49938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\n\nSyzbot points out that skb_trim() has a sanity check on the existing length of\nthe skb, which can be uninitialised in some error paths. The intent here is\nclearly just to reset the length to zero before resubmitting, so switch to\ncalling __skb_set_length(skb, 0) directly. In addition, __skb_set_length()\nalready contains a call to skb_reset_tail_pointer(), so remove the redundant\ncall.\n\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there\u0027s a similar\nusage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we\u0027re at it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49938",
"url": "https://www.suse.com/security/cve/CVE-2024-49938"
},
{
"category": "external",
"summary": "SUSE Bug 1232552 for CVE-2024-49938",
"url": "https://bugzilla.suse.com/1232552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49938"
},
{
"cve": "CVE-2024-49945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ncsi: Disable the ncsi work before freeing the associated structure\n\nThe work function can run after the ncsi device is freed, resulting\nin use-after-free bugs or kernel panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49945",
"url": "https://www.suse.com/security/cve/CVE-2024-49945"
},
{
"category": "external",
"summary": "SUSE Bug 1232165 for CVE-2024-49945",
"url": "https://bugzilla.suse.com/1232165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49945"
},
{
"cve": "CVE-2024-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49950",
"url": "https://www.suse.com/security/cve/CVE-2024-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232159 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1232159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49950"
},
{
"cve": "CVE-2024-49952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: prevent nf_skb_duplicated corruption\n\nsyzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write\nper-cpu variable nf_skb_duplicated in an unsafe way [1].\n\nDisabling preemption as hinted by the splat is not enough,\nwe have to disable soft interrupts as well.\n\n[1]\nBUG: using __this_cpu_write() in preemptible [00000000] code: syz.4.282/6316\n caller is nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\nCPU: 0 UID: 0 PID: 6316 Comm: syz.4.282 Not tainted 6.11.0-rc7-syzkaller-00104-g7052622fccb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n check_preemption_disabled+0x10e/0x120 lib/smp_processor_id.c:49\n nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\n nft_dup_ipv4_eval+0x1db/0x300 net/ipv4/netfilter/nft_dup_ipv4.c:30\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x202/0x320 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook+0x2c4/0x450 include/linux/netfilter.h:269\n NF_HOOK_COND include/linux/netfilter.h:302 [inline]\n ip_output+0x185/0x230 net/ipv4/ip_output.c:433\n ip_local_out net/ipv4/ip_output.c:129 [inline]\n ip_send_skb+0x74/0x100 net/ipv4/ip_output.c:1495\n udp_send_skb+0xacf/0x1650 net/ipv4/udp.c:981\n udp_sendmsg+0x1c21/0x2a60 net/ipv4/udp.c:1269\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n ___sys_sendmsg net/socket.c:2651 [inline]\n __sys_sendmmsg+0x3b2/0x740 net/socket.c:2737\n __do_sys_sendmmsg net/socket.c:2766 [inline]\n __se_sys_sendmmsg net/socket.c:2763 [inline]\n __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2763\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f4ce4f7def9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f4ce5d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133\nRAX: ffffffffffffffda RBX: 00007f4ce5135f80 RCX: 00007f4ce4f7def9\nRDX: 0000000000000001 RSI: 0000000020005d40 RDI: 0000000000000006\nRBP: 00007f4ce4ff0b76 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f4ce5135f80 R15: 00007ffd4cbc6d68\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49952",
"url": "https://www.suse.com/security/cve/CVE-2024-49952"
},
{
"category": "external",
"summary": "SUSE Bug 1232157 for CVE-2024-49952",
"url": "https://bugzilla.suse.com/1232157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-49952"
},
{
"cve": "CVE-2024-50044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change\n\nrfcomm_sk_state_change attempts to use sock_lock so it must never be\ncalled with it locked but rfcomm_sock_ioctl always attempt to lock it\ncausing the following trace:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted\n------------------------------------------------------\nsyz-executor386/5093 is trying to acquire lock:\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1671 [inline]\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73\n\nbut task is already holding lock:\nffff88807badfd28 (\u0026d-\u003elock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50044",
"url": "https://www.suse.com/security/cve/CVE-2024-50044"
},
{
"category": "external",
"summary": "SUSE Bug 1231904 for CVE-2024-50044",
"url": "https://bugzilla.suse.com/1231904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50044"
},
{
"cve": "CVE-2024-50055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: bus: Fix double free in driver API bus_register()\n\nFor bus_register(), any error which happens after kset_register() will\ncause that @priv are freed twice, fixed by setting @priv with NULL after\nthe first free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50055",
"url": "https://www.suse.com/security/cve/CVE-2024-50055"
},
{
"category": "external",
"summary": "SUSE Bug 1232329 for CVE-2024-50055",
"url": "https://bugzilla.suse.com/1232329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50055"
},
{
"cve": "CVE-2024-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \u003cTASK\u003e\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50073",
"url": "https://www.suse.com/security/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232520 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1232520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50073"
},
{
"cve": "CVE-2024-50074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nparport: Proper fix for array out-of-bounds access\n\nThe recent fix for array out-of-bounds accesses replaced sprintf()\ncalls blindly with snprintf(). However, since snprintf() returns the\nwould-be-printed size, not the actually output size, the length\ncalculation can still go over the given limit.\n\nUse scnprintf() instead of snprintf(), which returns the actually\noutput letters, for addressing the potential out-of-bounds access\nproperly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50074",
"url": "https://www.suse.com/security/cve/CVE-2024-50074"
},
{
"category": "external",
"summary": "SUSE Bug 1232507 for CVE-2024-50074",
"url": "https://bugzilla.suse.com/1232507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50074"
},
{
"cve": "CVE-2024-50095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mad: Improve handling of timed out WRs of mad agent\n\nCurrent timeout handler of mad agent acquires/releases mad_agent_priv\nlock for every timed out WRs. This causes heavy locking contention\nwhen higher no. of WRs are to be handled inside timeout handler.\n\nThis leads to softlockup with below trace in some use cases where\nrdma-cm path is used to establish connection between peer nodes\n\nTrace:\n-----\n BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767]\n CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE\n ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1\n Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019\n Workqueue: ib_mad1 timeout_sends [ib_core]\n RIP: 0010:__do_softirq+0x78/0x2ac\n RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246\n RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f\n RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b\n RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000\n R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040\n FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __irq_exit_rcu+0xa1/0xc0\n ? watchdog_timer_fn+0x1b2/0x210\n ? __pfx_watchdog_timer_fn+0x10/0x10\n ? __hrtimer_run_queues+0x127/0x2c0\n ? hrtimer_interrupt+0xfc/0x210\n ? __sysvec_apic_timer_interrupt+0x5c/0x110\n ? sysvec_apic_timer_interrupt+0x37/0x90\n ? asm_sysvec_apic_timer_interrupt+0x16/0x20\n ? __do_softirq+0x78/0x2ac\n ? __do_softirq+0x60/0x2ac\n __irq_exit_rcu+0xa1/0xc0\n sysvec_call_function_single+0x72/0x90\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_call_function_single+0x16/0x20\n RIP: 0010:_raw_spin_unlock_irq+0x14/0x30\n RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247\n RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800\n RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c\n RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000\n R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538\n R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c\n cm_process_send_error+0x122/0x1d0 [ib_cm]\n timeout_sends+0x1dd/0x270 [ib_core]\n process_one_work+0x1e2/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n worker_thread+0x50/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \u003c/TASK\u003e\n\nSimplified timeout handler by creating local list of timed out WRs\nand invoke send handler post creating the list. The new method acquires/\nreleases lock once to fetch the list and hence helps to reduce locking\ncontetiong when processing higher no. of WRs",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50095",
"url": "https://www.suse.com/security/cve/CVE-2024-50095"
},
{
"category": "external",
"summary": "SUSE Bug 1232873 for CVE-2024-50095",
"url": "https://bugzilla.suse.com/1232873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50095"
},
{
"cve": "CVE-2024-50099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Remove broken LDR (literal) uprobe support\n\nThe simulate_ldr_literal() and simulate_ldrsw_literal() functions are\nunsafe to use for uprobes. Both functions were originally written for\nuse with kprobes, and access memory with plain C accesses. When uprobes\nwas added, these were reused unmodified even though they cannot safely\naccess user memory.\n\nThere are three key problems:\n\n1) The plain C accesses do not have corresponding extable entries, and\n thus if they encounter a fault the kernel will treat these as\n unintentional accesses to user memory, resulting in a BUG() which\n will kill the kernel thread, and likely lead to further issues (e.g.\n lockup or panic()).\n\n2) The plain C accesses are subject to HW PAN and SW PAN, and so when\n either is in use, any attempt to simulate an access to user memory\n will fault. Thus neither simulate_ldr_literal() nor\n simulate_ldrsw_literal() can do anything useful when simulating a\n user instruction on any system with HW PAN or SW PAN.\n\n3) The plain C accesses are privileged, as they run in kernel context,\n and in practice can access a small range of kernel virtual addresses.\n The instructions they simulate have a range of +/-1MiB, and since the\n simulated instructions must itself be a user instructions in the\n TTBR0 address range, these can address the final 1MiB of the TTBR1\n acddress range by wrapping downwards from an address in the first\n 1MiB of the TTBR0 address range.\n\n In contemporary kernels the last 8MiB of TTBR1 address range is\n reserved, and accesses to this will always fault, meaning this is no\n worse than (1).\n\n Historically, it was theoretically possible for the linear map or\n vmemmap to spill into the final 8MiB of the TTBR1 address range, but\n in practice this is extremely unlikely to occur as this would\n require either:\n\n * Having enough physical memory to fill the entire linear map all the\n way to the final 1MiB of the TTBR1 address range.\n\n * Getting unlucky with KASLR randomization of the linear map such\n that the populated region happens to overlap with the last 1MiB of\n the TTBR address range.\n\n ... and in either case if we were to spill into the final page there\n would be larger problems as the final page would alias with error\n pointers.\n\nPractically speaking, (1) and (2) are the big issues. Given there have\nbeen no reports of problems since the broken code was introduced, it\nappears that no-one is relying on probing these instructions with\nuprobes.\n\nAvoid these issues by not allowing uprobes on LDR (literal) and LDRSW\n(literal), limiting the use of simulate_ldr_literal() and\nsimulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR\n(literal) and LDRSW (literal) will be rejected as\narm_probe_decode_insn() will return INSN_REJECTED. In future we can\nconsider introducing working uprobes support for these instructions, but\nthis will require more significant work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50099",
"url": "https://www.suse.com/security/cve/CVE-2024-50099"
},
{
"category": "external",
"summary": "SUSE Bug 1232887 for CVE-2024-50099",
"url": "https://bugzilla.suse.com/1232887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50099"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Guard against bad data for ATIF ACPI method\n\nIf a BIOS provides bad data in response to an ATIF method call\nthis causes a NULL pointer dereference in the caller.\n\n```\n? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1))\n? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434)\n? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2))\n? do_user_addr_fault (arch/x86/mm/fault.c:440 (discriminator 1) arch/x86/mm/fault.c:1232 (discriminator 1))\n? acpi_ut_update_object_reference (drivers/acpi/acpica/utdelete.c:642)\n? exc_page_fault (arch/x86/mm/fault.c:1542)\n? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623)\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:387 (discriminator 2)) amdgpu\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:386 (discriminator 1)) amdgpu\n```\n\nIt has been encountered on at least one system, so guard for it.\n\n(cherry picked from commit c9b7c809b89f24e9372a4e7f02d64c950b07fdee)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50117",
"url": "https://www.suse.com/security/cve/CVE-2024-50117"
},
{
"category": "external",
"summary": "SUSE Bug 1232897 for CVE-2024-50117",
"url": "https://bugzilla.suse.com/1232897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50117"
},
{
"cve": "CVE-2024-50125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn-\u003esk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn-\u003esk is still valid by checking if it part of\nsco_sk_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50125",
"url": "https://www.suse.com/security/cve/CVE-2024-50125"
},
{
"category": "external",
"summary": "SUSE Bug 1232928 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "external",
"summary": "SUSE Bug 1232929 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50125"
},
{
"cve": "CVE-2024-50135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-pci: fix race condition between reset and nvme_dev_disable()\n\nnvme_dev_disable() modifies the dev-\u003eonline_queues field, therefore\nnvme_pci_update_nr_queues() should avoid racing against it, otherwise\nwe could end up passing invalid values to blk_mq_update_nr_hw_queues().\n\n WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347\n pci_irq_get_affinity+0x187/0x210\n Workqueue: nvme-reset-wq nvme_reset_work [nvme]\n RIP: 0010:pci_irq_get_affinity+0x187/0x210\n Call Trace:\n \u003cTASK\u003e\n ? blk_mq_pci_map_queues+0x87/0x3c0\n ? pci_irq_get_affinity+0x187/0x210\n blk_mq_pci_map_queues+0x87/0x3c0\n nvme_pci_map_queues+0x189/0x460 [nvme]\n blk_mq_update_nr_hw_queues+0x2a/0x40\n nvme_reset_work+0x1be/0x2a0 [nvme]\n\nFix the bug by locking the shutdown_lock mutex before using\ndev-\u003eonline_queues. Give up if nvme_dev_disable() is running or if\nit has been executed already.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50135",
"url": "https://www.suse.com/security/cve/CVE-2024-50135"
},
{
"category": "external",
"summary": "SUSE Bug 1232888 for CVE-2024-50135",
"url": "https://bugzilla.suse.com/1232888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50135"
},
{
"cve": "CVE-2024-50148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: fix wild-memory-access in proto_unregister\n\nThere\u0027s issue as follows:\n KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\n CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W\n RIP: 0010:proto_unregister+0xee/0x400\n Call Trace:\n \u003cTASK\u003e\n __do_sys_delete_module+0x318/0x580\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAs bnep_init() ignore bnep_sock_init()\u0027s return value, and bnep_sock_init()\nwill cleanup all resource. Then when remove bnep module will call\nbnep_sock_cleanup() to cleanup sock\u0027s resource.\nTo solve above issue just return bnep_sock_init()\u0027s return value in\nbnep_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50148",
"url": "https://www.suse.com/security/cve/CVE-2024-50148"
},
{
"category": "external",
"summary": "SUSE Bug 1233063 for CVE-2024-50148",
"url": "https://bugzilla.suse.com/1233063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50148"
},
{
"cve": "CVE-2024-50150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmode should keep reference to parent\n\nThe altmode device release refers to its parent device, but without keeping\na reference to it.\n\nWhen registering the altmode, get a reference to the parent and put it in\nthe release function.\n\nBefore this fix, when using CONFIG_DEBUG_KOBJECT_RELEASE, we see issues\nlike this:\n\n[ 43.572860] kobject: \u0027port0.0\u0027 (ffff8880057ba008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.573532] kobject: \u0027port0.1\u0027 (ffff8880057bd008): kobject_release, parent 0000000000000000 (delayed 1000)\n[ 43.574407] kobject: \u0027port0\u0027 (ffff8880057b9008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.575059] kobject: \u0027port1.0\u0027 (ffff8880057ca008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.575908] kobject: \u0027port1.1\u0027 (ffff8880057c9008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.576908] kobject: \u0027typec\u0027 (ffff8880062dbc00): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.577769] kobject: \u0027port1\u0027 (ffff8880057bf008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 46.612867] ==================================================================\n[ 46.613402] BUG: KASAN: slab-use-after-free in typec_altmode_release+0x38/0x129\n[ 46.614003] Read of size 8 at addr ffff8880057b9118 by task kworker/2:1/48\n[ 46.614538]\n[ 46.614668] CPU: 2 UID: 0 PID: 48 Comm: kworker/2:1 Not tainted 6.12.0-rc1-00138-gedbae730ad31 #535\n[ 46.615391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 46.616042] Workqueue: events kobject_delayed_cleanup\n[ 46.616446] Call Trace:\n[ 46.616648] \u003cTASK\u003e\n[ 46.616820] dump_stack_lvl+0x5b/0x7c\n[ 46.617112] ? typec_altmode_release+0x38/0x129\n[ 46.617470] print_report+0x14c/0x49e\n[ 46.617769] ? rcu_read_unlock_sched+0x56/0x69\n[ 46.618117] ? __virt_addr_valid+0x19a/0x1ab\n[ 46.618456] ? kmem_cache_debug_flags+0xc/0x1d\n[ 46.618807] ? typec_altmode_release+0x38/0x129\n[ 46.619161] kasan_report+0x8d/0xb4\n[ 46.619447] ? typec_altmode_release+0x38/0x129\n[ 46.619809] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620185] typec_altmode_release+0x38/0x129\n[ 46.620537] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620907] device_release+0xaf/0xf2\n[ 46.621206] kobject_delayed_cleanup+0x13b/0x17a\n[ 46.621584] process_scheduled_works+0x4f6/0x85f\n[ 46.621955] ? __pfx_process_scheduled_works+0x10/0x10\n[ 46.622353] ? hlock_class+0x31/0x9a\n[ 46.622647] ? lock_acquired+0x361/0x3c3\n[ 46.622956] ? move_linked_works+0x46/0x7d\n[ 46.623277] worker_thread+0x1ce/0x291\n[ 46.623582] ? __kthread_parkme+0xc8/0xdf\n[ 46.623900] ? __pfx_worker_thread+0x10/0x10\n[ 46.624236] kthread+0x17e/0x190\n[ 46.624501] ? kthread+0xfb/0x190\n[ 46.624756] ? __pfx_kthread+0x10/0x10\n[ 46.625015] ret_from_fork+0x20/0x40\n[ 46.625268] ? __pfx_kthread+0x10/0x10\n[ 46.625532] ret_from_fork_asm+0x1a/0x30\n[ 46.625805] \u003c/TASK\u003e\n[ 46.625953]\n[ 46.626056] Allocated by task 678:\n[ 46.626287] kasan_save_stack+0x24/0x44\n[ 46.626555] kasan_save_track+0x14/0x2d\n[ 46.626811] __kasan_kmalloc+0x3f/0x4d\n[ 46.627049] __kmalloc_noprof+0x1bf/0x1f0\n[ 46.627362] typec_register_port+0x23/0x491\n[ 46.627698] cros_typec_probe+0x634/0xbb6\n[ 46.628026] platform_probe+0x47/0x8c\n[ 46.628311] really_probe+0x20a/0x47d\n[ 46.628605] device_driver_attach+0x39/0x72\n[ 46.628940] bind_store+0x87/0xd7\n[ 46.629213] kernfs_fop_write_iter+0x1aa/0x218\n[ 46.629574] vfs_write+0x1d6/0x29b\n[ 46.629856] ksys_write+0xcd/0x13b\n[ 46.630128] do_syscall_64+0xd4/0x139\n[ 46.630420] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 46.630820]\n[ 46.630946] Freed by task 48:\n[ 46.631182] kasan_save_stack+0x24/0x44\n[ 46.631493] kasan_save_track+0x14/0x2d\n[ 46.631799] kasan_save_free_info+0x3f/0x4d\n[ 46.632144] __kasan_slab_free+0x37/0x45\n[ 46.632474]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50150",
"url": "https://www.suse.com/security/cve/CVE-2024-50150"
},
{
"category": "external",
"summary": "SUSE Bug 1233051 for CVE-2024-50150",
"url": "https://bugzilla.suse.com/1233051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50150"
},
{
"cve": "CVE-2024-50154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/dccp: Don\u0027t use timer_pending() in reqsk_queue_unlink().\n\nMartin KaFai Lau reported use-after-free [0] in reqsk_timer_handler().\n\n \"\"\"\n We are seeing a use-after-free from a bpf prog attached to\n trace_tcp_retransmit_synack. The program passes the req-\u003esk to the\n bpf_sk_storage_get_tracing kernel helper which does check for null\n before using it.\n \"\"\"\n\nThe commit 83fccfc3940c (\"inet: fix potential deadlock in\nreqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not\nto call del_timer_sync() from reqsk_timer_handler(), but it introduced a\nsmall race window.\n\nBefore the timer is called, expire_timers() calls detach_timer(timer, true)\nto clear timer-\u003eentry.pprev and marks it as not pending.\n\nIf reqsk_queue_unlink() checks timer_pending() just after expire_timers()\ncalls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will\ncontinue running and send multiple SYN+ACKs until it expires.\n\nThe reported UAF could happen if req-\u003esk is close()d earlier than the timer\nexpiration, which is 63s by default.\n\nThe scenario would be\n\n 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(),\n but del_timer_sync() is missed\n\n 2. reqsk timer is executed and scheduled again\n\n 3. req-\u003esk is accept()ed and reqsk_put() decrements rsk_refcnt, but\n reqsk timer still has another one, and inet_csk_accept() does not\n clear req-\u003esk for non-TFO sockets\n\n 4. sk is close()d\n\n 5. reqsk timer is executed again, and BPF touches req-\u003esk\n\nLet\u0027s not use timer_pending() by passing the caller context to\n__inet_csk_reqsk_queue_drop().\n\nNote that reqsk timer is pinned, so the issue does not happen in most\nuse cases. [1]\n\n[0]\nBUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0\n\nUse-after-free read at 0x00000000a891fb3a (in kfence-#1):\nbpf_sk_storage_get_tracing+0x2e/0x1b0\nbpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda\nbpf_trace_run2+0x4c/0xc0\ntcp_rtx_synack+0xf9/0x100\nreqsk_timer_handler+0xda/0x3d0\nrun_timer_softirq+0x292/0x8a0\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\nintel_idle_irq+0x5a/0xa0\ncpuidle_enter_state+0x94/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nkfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6\n\nallocated by task 0 on cpu 9 at 260507.901592s:\nsk_prot_alloc+0x35/0x140\nsk_clone_lock+0x1f/0x3f0\ninet_csk_clone_lock+0x15/0x160\ntcp_create_openreq_child+0x1f/0x410\ntcp_v6_syn_recv_sock+0x1da/0x700\ntcp_check_req+0x1fb/0x510\ntcp_v6_rcv+0x98b/0x1420\nipv6_list_rcv+0x2258/0x26e0\nnapi_complete_done+0x5b1/0x2990\nmlx5e_napi_poll+0x2ae/0x8d0\nnet_rx_action+0x13e/0x590\nirq_exit_rcu+0xf5/0x320\ncommon_interrupt+0x80/0x90\nasm_common_interrupt+0x22/0x40\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nfreed by task 0 on cpu 9 at 260507.927527s:\nrcu_core_si+0x4ff/0xf10\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50154",
"url": "https://www.suse.com/security/cve/CVE-2024-50154"
},
{
"category": "external",
"summary": "SUSE Bug 1233070 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "external",
"summary": "SUSE Bug 1233072 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50154"
},
{
"cve": "CVE-2024-50167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50167"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: fix potential memory leak in be_xmit()\n\nThe be_xmit() returns NETDEV_TX_OK without freeing skb\nin case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50167",
"url": "https://www.suse.com/security/cve/CVE-2024-50167"
},
{
"category": "external",
"summary": "SUSE Bug 1233049 for CVE-2024-50167",
"url": "https://bugzilla.suse.com/1233049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50167"
},
{
"cve": "CVE-2024-50171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: fix potential memory leak in bcm_sysport_xmit()\n\nThe bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb\nin case of dma_map_single() fails, add dev_kfree_skb() to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50171",
"url": "https://www.suse.com/security/cve/CVE-2024-50171"
},
{
"category": "external",
"summary": "SUSE Bug 1233057 for CVE-2024-50171",
"url": "https://bugzilla.suse.com/1233057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50171"
},
{
"cve": "CVE-2024-50179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: remove the incorrect Fw reference check when dirtying pages\n\nWhen doing the direct-io reads it will also try to mark pages dirty,\nbut for the read path it won\u0027t hold the Fw caps and there is case\nwill it get the Fw reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50179",
"url": "https://www.suse.com/security/cve/CVE-2024-50179"
},
{
"category": "external",
"summary": "SUSE Bug 1233123 for CVE-2024-50179",
"url": "https://bugzilla.suse.com/1233123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50179"
},
{
"cve": "CVE-2024-50183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance\n\nDeleting an NPIV instance requires all fabric ndlps to be released before\nan NPIV\u0027s resources can be torn down. Failure to release fabric ndlps\nbeforehand opens kref imbalance race conditions. Fix by forcing the DA_ID\nto complete synchronously with usage of wait_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50183",
"url": "https://www.suse.com/security/cve/CVE-2024-50183"
},
{
"category": "external",
"summary": "SUSE Bug 1233130 for CVE-2024-50183",
"url": "https://bugzilla.suse.com/1233130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50183"
},
{
"cve": "CVE-2024-50187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: Stop the active perfmon before being destroyed\n\nUpon closing the file descriptor, the active performance monitor is not\nstopped. Although all perfmons are destroyed in `vc4_perfmon_close_file()`,\nthe active performance monitor\u0027s pointer (`vc4-\u003eactive_perfmon`) is still\nretained.\n\nIf we open a new file descriptor and submit a few jobs with performance\nmonitors, the driver will attempt to stop the active performance monitor\nusing the stale pointer in `vc4-\u003eactive_perfmon`. However, this pointer\nis no longer valid because the previous process has already terminated,\nand all performance monitors associated with it have been destroyed and\nfreed.\n\nTo fix this, when the active performance monitor belongs to a given\nprocess, explicitly stop it before destroying and freeing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50187",
"url": "https://www.suse.com/security/cve/CVE-2024-50187"
},
{
"category": "external",
"summary": "SUSE Bug 1233108 for CVE-2024-50187",
"url": "https://bugzilla.suse.com/1233108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50187"
},
{
"cve": "CVE-2024-50194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50194"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Fix uprobes for big-endian kernels\n\nThe arm64 uprobes code is broken for big-endian kernels as it doesn\u0027t\nconvert the in-memory instruction encoding (which is always\nlittle-endian) into the kernel\u0027s native endianness before analyzing and\nsimulating instructions. This may result in a few distinct problems:\n\n* The kernel may may erroneously reject probing an instruction which can\n safely be probed.\n\n* The kernel may erroneously erroneously permit stepping an\n instruction out-of-line when that instruction cannot be stepped\n out-of-line safely.\n\n* The kernel may erroneously simulate instruction incorrectly dur to\n interpretting the byte-swapped encoding.\n\nThe endianness mismatch isn\u0027t caught by the compiler or sparse because:\n\n* The arch_uprobe::{insn,ixol} fields are encoded as arrays of u8, so\n the compiler and sparse have no idea these contain a little-endian\n 32-bit value. The core uprobes code populates these with a memcpy()\n which similarly does not handle endianness.\n\n* While the uprobe_opcode_t type is an alias for __le32, both\n arch_uprobe_analyze_insn() and arch_uprobe_skip_sstep() cast from u8[]\n to the similarly-named probe_opcode_t, which is an alias for u32.\n Hence there is no endianness conversion warning.\n\nFix this by changing the arch_uprobe::{insn,ixol} fields to __le32 and\nadding the appropriate __le32_to_cpu() conversions prior to consuming\nthe instruction encoding. The core uprobes copies these fields as opaque\nranges of bytes, and so is unaffected by this change.\n\nAt the same time, remove MAX_UINSN_BYTES and consistently use\nAARCH64_INSN_SIZE for clarity.\n\nTested with the following:\n\n| #include \u003cstdio.h\u003e\n| #include \u003cstdbool.h\u003e\n|\n| #define noinline __attribute__((noinline))\n|\n| static noinline void *adrp_self(void)\n| {\n| void *addr;\n|\n| asm volatile(\n| \" adrp %x0, adrp_self\\n\"\n| \" add %x0, %x0, :lo12:adrp_self\\n\"\n| : \"=r\" (addr));\n| }\n|\n|\n| int main(int argc, char *argv)\n| {\n| void *ptr = adrp_self();\n| bool equal = (ptr == adrp_self);\n|\n| printf(\"adrp_self =\u003e %p\\n\"\n| \"adrp_self() =\u003e %p\\n\"\n| \"%s\\n\",\n| adrp_self, ptr, equal ? \"EQUAL\" : \"NOT EQUAL\");\n|\n| return 0;\n| }\n\n.... where the adrp_self() function was compiled to:\n\n| 00000000004007e0 \u003cadrp_self\u003e:\n| 4007e0: 90000000 adrp x0, 400000 \u003c__ehdr_start\u003e\n| 4007e4: 911f8000 add x0, x0, #0x7e0\n| 4007e8: d65f03c0 ret\n\nBefore this patch, the ADRP is not recognized, and is assumed to be\nsteppable, resulting in corruption of the result:\n\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL\n| # echo \u0027p /root/adrp-self:0x007e0\u0027 \u003e /sys/kernel/tracing/uprobe_events\n| # echo 1 \u003e /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0xffffffffff7e0\n| NOT EQUAL\n\nAfter this patch, the ADRP is correctly recognized and simulated:\n\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL\n| #\n| # echo \u0027p /root/adrp-self:0x007e0\u0027 \u003e /sys/kernel/tracing/uprobe_events\n| # echo 1 \u003e /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50194",
"url": "https://www.suse.com/security/cve/CVE-2024-50194"
},
{
"category": "external",
"summary": "SUSE Bug 1233111 for CVE-2024-50194",
"url": "https://bugzilla.suse.com/1233111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50194"
},
{
"cve": "CVE-2024-50195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50195"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: Fix missing timespec64 check in pc_clock_settime()\n\nAs Andrew pointed out, it will make sense that the PTP core\nchecked timespec64 struct\u0027s tv_sec and tv_nsec range before calling\nptp-\u003einfo-\u003esettime64().\n\nAs the man manual of clock_settime() said, if tp.tv_sec is negative or\ntp.tv_nsec is outside the range [0..999,999,999], it should return EINVAL,\nwhich include dynamic clocks which handles PTP clock, and the condition is\nconsistent with timespec64_valid(). As Thomas suggested, timespec64_valid()\nonly check the timespec is valid, but not ensure that the time is\nin a valid range, so check it ahead using timespec64_valid_strict()\nin pc_clock_settime() and return -EINVAL if not valid.\n\nThere are some drivers that use tp-\u003etv_sec and tp-\u003etv_nsec directly to\nwrite registers without validity checks and assume that the higher layer\nhas checked it, which is dangerous and will benefit from this, such as\nhclge_ptp_settime(), igb_ptp_settime_i210(), _rcar_gen4_ptp_settime(),\nand some drivers can remove the checks of itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50195",
"url": "https://www.suse.com/security/cve/CVE-2024-50195"
},
{
"category": "external",
"summary": "SUSE Bug 1233103 for CVE-2024-50195",
"url": "https://bugzilla.suse.com/1233103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50195"
},
{
"cve": "CVE-2024-50210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50210"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\n\nIf get_clock_desc() succeeds, it calls fget() for the clockid\u0027s fd,\nand get the clk-\u003erwsem read lock, so the error path should release\nthe lock to make the lock balance and fput the clockid\u0027s fd to make\nthe refcount balance and release the fd related resource.\n\nHowever the below commit left the error path locked behind resulting in\nunbalanced locking. Check timespec64_valid_strict() before\nget_clock_desc() to fix it, because the \"ts\" is not changed\nafter that.\n\n[pabeni@redhat.com: fixed commit message typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50210",
"url": "https://www.suse.com/security/cve/CVE-2024-50210"
},
{
"category": "external",
"summary": "SUSE Bug 1233097 for CVE-2024-50210",
"url": "https://bugzilla.suse.com/1233097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50210"
},
{
"cve": "CVE-2024-50218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50218"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: pass u64 to ocfs2_truncate_inline maybe overflow\n\nSyzbot reported a kernel BUG in ocfs2_truncate_inline. There are two\nreasons for this: first, the parameter value passed is greater than\nocfs2_max_inline_data_with_xattr, second, the start and end parameters of\nocfs2_truncate_inline are \"unsigned int\".\n\nSo, we need to add a sanity check for byte_start and byte_len right before\nocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater\nthan ocfs2_max_inline_data_with_xattr return -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50218",
"url": "https://www.suse.com/security/cve/CVE-2024-50218"
},
{
"category": "external",
"summary": "SUSE Bug 1233191 for CVE-2024-50218",
"url": "https://bugzilla.suse.com/1233191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50218"
},
{
"cve": "CVE-2024-50234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlegacy: Clear stale interrupts before resuming device\n\niwl4965 fails upon resume from hibernation on my laptop. The reason\nseems to be a stale interrupt which isn\u0027t being cleared out before\ninterrupts are enabled. We end up with a race beween the resume\ntrying to bring things back up, and the restart work (queued form\nthe interrupt handler) trying to bring things down. Eventually\nthe whole thing blows up.\n\nFix the problem by clearing out any stale interrupts before\ninterrupts get enabled during resume.\n\nHere\u0027s a debug log of the indicent:\n[ 12.042589] ieee80211 phy0: il_isr ISR inta 0x00000080, enabled 0xaa00008b, fh 0x00000000\n[ 12.042625] ieee80211 phy0: il4965_irq_tasklet inta 0x00000080, enabled 0x00000000, fh 0x00000000\n[ 12.042651] iwl4965 0000:10:00.0: RF_KILL bit toggled to enable radio.\n[ 12.042653] iwl4965 0000:10:00.0: On demand firmware reload\n[ 12.042690] ieee80211 phy0: il4965_irq_tasklet End inta 0x00000000, enabled 0xaa00008b, fh 0x00000000, flags 0x00000282\n[ 12.052207] ieee80211 phy0: il4965_mac_start enter\n[ 12.052212] ieee80211 phy0: il_prep_station Add STA to driver ID 31: ff:ff:ff:ff:ff:ff\n[ 12.052244] ieee80211 phy0: il4965_set_hw_ready hardware ready\n[ 12.052324] ieee80211 phy0: il_apm_init Init card\u0027s basic functions\n[ 12.052348] ieee80211 phy0: il_apm_init L1 Enabled; Disabling L0S\n[ 12.055727] ieee80211 phy0: il4965_load_bsm Begin load bsm\n[ 12.056140] ieee80211 phy0: il4965_verify_bsm Begin verify bsm\n[ 12.058642] ieee80211 phy0: il4965_verify_bsm BSM bootstrap uCode image OK\n[ 12.058721] ieee80211 phy0: il4965_load_bsm BSM write complete, poll 1 iterations\n[ 12.058734] ieee80211 phy0: __il4965_up iwl4965 is coming up\n[ 12.058737] ieee80211 phy0: il4965_mac_start Start UP work done.\n[ 12.058757] ieee80211 phy0: __il4965_down iwl4965 is going down\n[ 12.058761] ieee80211 phy0: il_scan_cancel_timeout Scan cancel timeout\n[ 12.058762] ieee80211 phy0: il_do_scan_abort Not performing scan to abort\n[ 12.058765] ieee80211 phy0: il_clear_ucode_stations Clearing ucode stations in driver\n[ 12.058767] ieee80211 phy0: il_clear_ucode_stations No active stations found to be cleared\n[ 12.058819] ieee80211 phy0: _il_apm_stop Stop card, put in low power state\n[ 12.058827] ieee80211 phy0: _il_apm_stop_master stop master\n[ 12.058864] ieee80211 phy0: il4965_clear_free_frames 0 frames on pre-allocated heap on clear.\n[ 12.058869] ieee80211 phy0: Hardware restart was requested\n[ 16.132299] iwl4965 0000:10:00.0: START_ALIVE timeout after 4000ms.\n[ 16.132303] ------------[ cut here ]------------\n[ 16.132304] Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue.\n[ 16.132338] WARNING: CPU: 0 PID: 181 at net/mac80211/util.c:1826 ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132390] Modules linked in: ctr ccm sch_fq_codel xt_tcpudp xt_multiport xt_state iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv4 ip_tables x_tables binfmt_misc joydev mousedev btusb btrtl btintel btbcm bluetooth ecdh_generic ecc iTCO_wdt i2c_dev iwl4965 iwlegacy coretemp snd_hda_codec_analog pcspkr psmouse mac80211 snd_hda_codec_generic libarc4 sdhci_pci cqhci sha256_generic sdhci libsha256 firewire_ohci snd_hda_intel snd_intel_dspcfg mmc_core snd_hda_codec snd_hwdep firewire_core led_class iosf_mbi snd_hda_core uhci_hcd lpc_ich crc_itu_t cfg80211 ehci_pci ehci_hcd snd_pcm usbcore mfd_core rfkill snd_timer snd usb_common soundcore video parport_pc parport intel_agp wmi intel_gtt backlight e1000e agpgart evdev\n[ 16.132456] CPU: 0 UID: 0 PID: 181 Comm: kworker/u8:6 Not tainted 6.11.0-cl+ #143\n[ 16.132460] Hardware name: Hewlett-Packard HP Compaq 6910p/30BE, BIOS 68MCU Ver. F.19 07/06/2010\n[ 16.132463] Workqueue: async async_run_entry_fn\n[ 16.132469] RIP: 0010:ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132501] Code: da 02 00 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50234",
"url": "https://www.suse.com/security/cve/CVE-2024-50234"
},
{
"category": "external",
"summary": "SUSE Bug 1233211 for CVE-2024-50234",
"url": "https://bugzilla.suse.com/1233211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50234"
},
{
"cve": "CVE-2024-50236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50236"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: Fix memory leak in management tx\n\nIn the current logic, memory is allocated for storing the MSDU context\nduring management packet TX but this memory is not being freed during\nmanagement TX completion. Similar leaks are seen in the management TX\ncleanup logic.\n\nKmemleak reports this problem as below,\n\nunreferenced object 0xffffff80b64ed250 (size 16):\n comm \"kworker/u16:7\", pid 148, jiffies 4294687130 (age 714.199s)\n hex dump (first 16 bytes):\n 00 2b d8 d8 80 ff ff ff c4 74 e9 fd 07 00 00 00 .+.......t......\n backtrace:\n [\u003cffffffe6e7b245dc\u003e] __kmem_cache_alloc_node+0x1e4/0x2d8\n [\u003cffffffe6e7adde88\u003e] kmalloc_trace+0x48/0x110\n [\u003cffffffe6bbd765fc\u003e] ath10k_wmi_tlv_op_gen_mgmt_tx_send+0xd4/0x1d8 [ath10k_core]\n [\u003cffffffe6bbd3eed4\u003e] ath10k_mgmt_over_wmi_tx_work+0x134/0x298 [ath10k_core]\n [\u003cffffffe6e78d5974\u003e] process_scheduled_works+0x1ac/0x400\n [\u003cffffffe6e78d60b8\u003e] worker_thread+0x208/0x328\n [\u003cffffffe6e78dc890\u003e] kthread+0x100/0x1c0\n [\u003cffffffe6e78166c0\u003e] ret_from_fork+0x10/0x20\n\nFree the memory during completion and cleanup to fix the leak.\n\nProtect the mgmt_pending_tx idr_remove() operation in\nath10k_wmi_tlv_op_cleanup_mgmt_tx_send() using ar-\u003edata_lock similar to\nother instances.\n\nTested-on: WCN3990 hw1.0 SNOC WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50236",
"url": "https://www.suse.com/security/cve/CVE-2024-50236"
},
{
"category": "external",
"summary": "SUSE Bug 1233212 for CVE-2024-50236",
"url": "https://bugzilla.suse.com/1233212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50236"
},
{
"cve": "CVE-2024-50237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: do not pass a stopped vif to the driver in .get_txpower\n\nAvoid potentially crashing in the driver because of uninitialized private data",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50237",
"url": "https://www.suse.com/security/cve/CVE-2024-50237"
},
{
"category": "external",
"summary": "SUSE Bug 1233216 for CVE-2024-50237",
"url": "https://bugzilla.suse.com/1233216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50237"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
},
{
"cve": "CVE-2024-50265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50265"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()\n\nSyzkaller is able to provoke null-ptr-dereference in ocfs2_xa_remove():\n\n[ 57.319872] (a.out,1161,7):ocfs2_xa_remove:2028 ERROR: status = -12\n[ 57.320420] (a.out,1161,7):ocfs2_xa_cleanup_value_truncate:1999 ERROR: Partial truncate while removing xattr overlay.upper. Leaking 1 clusters and removing the entry\n[ 57.321727] BUG: kernel NULL pointer dereference, address: 0000000000000004\n[...]\n[ 57.325727] RIP: 0010:ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[...]\n[ 57.331328] Call Trace:\n[ 57.331477] \u003cTASK\u003e\n[...]\n[ 57.333511] ? do_user_addr_fault+0x3e5/0x740\n[ 57.333778] ? exc_page_fault+0x70/0x170\n[ 57.334016] ? asm_exc_page_fault+0x2b/0x30\n[ 57.334263] ? __pfx_ocfs2_xa_block_wipe_namevalue+0x10/0x10\n[ 57.334596] ? ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[ 57.334913] ocfs2_xa_remove_entry+0x23/0xc0\n[ 57.335164] ocfs2_xa_set+0x704/0xcf0\n[ 57.335381] ? _raw_spin_unlock+0x1a/0x40\n[ 57.335620] ? ocfs2_inode_cache_unlock+0x16/0x20\n[ 57.335915] ? trace_preempt_on+0x1e/0x70\n[ 57.336153] ? start_this_handle+0x16c/0x500\n[ 57.336410] ? preempt_count_sub+0x50/0x80\n[ 57.336656] ? _raw_read_unlock+0x20/0x40\n[ 57.336906] ? start_this_handle+0x16c/0x500\n[ 57.337162] ocfs2_xattr_block_set+0xa6/0x1e0\n[ 57.337424] __ocfs2_xattr_set_handle+0x1fd/0x5d0\n[ 57.337706] ? ocfs2_start_trans+0x13d/0x290\n[ 57.337971] ocfs2_xattr_set+0xb13/0xfb0\n[ 57.338207] ? dput+0x46/0x1c0\n[ 57.338393] ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338665] ? ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338948] __vfs_removexattr+0x92/0xc0\n[ 57.339182] __vfs_removexattr_locked+0xd5/0x190\n[ 57.339456] ? preempt_count_sub+0x50/0x80\n[ 57.339705] vfs_removexattr+0x5f/0x100\n[...]\n\nReproducer uses faultinject facility to fail ocfs2_xa_remove() -\u003e\nocfs2_xa_value_truncate() with -ENOMEM.\n\nIn this case the comment mentions that we can return 0 if\nocfs2_xa_cleanup_value_truncate() is going to wipe the entry\nanyway. But the following \u0027rc\u0027 check is wrong and execution flow do\n\u0027ocfs2_xa_remove_entry(loc);\u0027 twice:\n* 1st: in ocfs2_xa_cleanup_value_truncate();\n* 2nd: returning back to ocfs2_xa_remove() instead of going to \u0027out\u0027.\n\nFix this by skipping the 2nd removal of the same entry and making\nsyzkaller repro happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50265",
"url": "https://www.suse.com/security/cve/CVE-2024-50265"
},
{
"category": "external",
"summary": "SUSE Bug 1233454 for CVE-2024-50265",
"url": "https://bugzilla.suse.com/1233454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50265"
},
{
"cve": "CVE-2024-50267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50267"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: io_edgeport: fix use after free in debug printk\n\nThe \"dev_dbg(\u0026urb-\u003edev-\u003edev, ...\" which happens after usb_free_urb(urb)\nis a use after free of the \"urb\" pointer. Store the \"dev\" pointer at the\nstart of the function to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50267",
"url": "https://www.suse.com/security/cve/CVE-2024-50267"
},
{
"category": "external",
"summary": "SUSE Bug 1233456 for CVE-2024-50267",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "external",
"summary": "SUSE Bug 1233711 for CVE-2024-50267",
"url": "https://bugzilla.suse.com/1233711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50267"
},
{
"cve": "CVE-2024-50273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reinitialize delayed ref list after deleting it from the list\n\nAt insert_delayed_ref() if we need to update the action of an existing\nref to BTRFS_DROP_DELAYED_REF, we delete the ref from its ref head\u0027s\nref_add_list using list_del(), which leaves the ref\u0027s add_list member\nnot reinitialized, as list_del() sets the next and prev members of the\nlist to LIST_POISON1 and LIST_POISON2, respectively.\n\nIf later we end up calling drop_delayed_ref() against the ref, which can\nhappen during merging or when destroying delayed refs due to a transaction\nabort, we can trigger a crash since at drop_delayed_ref() we call\nlist_empty() against the ref\u0027s add_list, which returns false since\nthe list was not reinitialized after the list_del() and as a consequence\nwe call list_del() again at drop_delayed_ref(). This results in an\ninvalid list access since the next and prev members are set to poison\npointers, resulting in a splat if CONFIG_LIST_HARDENED and\nCONFIG_DEBUG_LIST are set or invalid poison pointer dereferences\notherwise.\n\nSo fix this by deleting from the list with list_del_init() instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50273",
"url": "https://www.suse.com/security/cve/CVE-2024-50273"
},
{
"category": "external",
"summary": "SUSE Bug 1233462 for CVE-2024-50273",
"url": "https://bugzilla.suse.com/1233462"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50273"
},
{
"cve": "CVE-2024-50278",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50278"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix potential out-of-bounds access on the first resume\n\nOut-of-bounds access occurs if the fast device is expanded unexpectedly\nbefore the first-time resume of the cache table. This happens because\nexpanding the fast device requires reloading the cache table for\ncache_create to allocate new in-core data structures that fit the new\nsize, and the check in cache_preresume is not performed during the\nfirst resume, leading to the issue.\n\nReproduce steps:\n\n1. prepare component devices:\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\n\n2. load a cache table of 512 cache blocks, and deliberately expand the\n fast device before resuming the cache, making the in-core data\n structures inadequate.\n\ndmsetup create cache --notable\ndmsetup reload cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\ndmsetup reload cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\n3. suspend the cache to write out the in-core dirty bitset and hint\n array, leading to out-of-bounds access to the dirty bitset at offset\n 0x40:\n\ndmsetup suspend cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in is_dirty_callback+0x2b/0x80\n Read of size 8 at addr ffffc90000085040 by task dmsetup/90\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc90000085000, ffffc90000087000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc90000084f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000084f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n \u003effffc90000085000: 00 00 00 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc90000085080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000085100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by checking the size change on the first resume.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50278",
"url": "https://www.suse.com/security/cve/CVE-2024-50278"
},
{
"category": "external",
"summary": "SUSE Bug 1233467 for CVE-2024-50278",
"url": "https://bugzilla.suse.com/1233467"
},
{
"category": "external",
"summary": "SUSE Bug 1233709 for CVE-2024-50278",
"url": "https://bugzilla.suse.com/1233709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50278"
},
{
"cve": "CVE-2024-50279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix out-of-bounds access to the dirty bitset when resizing\n\ndm-cache checks the dirty bits of the cache blocks to be dropped when\nshrinking the fast device, but an index bug in bitset iteration causes\nout-of-bounds access.\n\nReproduce steps:\n\n1. create a cache device of 1024 cache blocks (128 bytes dirty bitset)\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. shrink the fast device to 512 cache blocks, triggering out-of-bounds\n access to the dirty bitset (offset 0x80)\n\ndmsetup suspend cache\ndmsetup reload cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in cache_preresume+0x269/0x7b0\n Read of size 8 at addr ffffc900000f3080 by task dmsetup/131\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc900000f3000, ffffc900000f5000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc900000f2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003effffc900000f3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc900000f3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by making the index post-incremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50279",
"url": "https://www.suse.com/security/cve/CVE-2024-50279"
},
{
"category": "external",
"summary": "SUSE Bug 1233468 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "external",
"summary": "SUSE Bug 1233708 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50279"
},
{
"cve": "CVE-2024-50289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50289"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: av7110: fix a spectre vulnerability\n\nAs warned by smatch:\n\tdrivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue \u0027av7110-\u003eci_slot\u0027 [w] (local cap)\n\nThere is a spectre-related vulnerability at the code. Fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50289",
"url": "https://www.suse.com/security/cve/CVE-2024-50289"
},
{
"category": "external",
"summary": "SUSE Bug 1233478 for CVE-2024-50289",
"url": "https://bugzilla.suse.com/1233478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50289"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when uninstalling driver\n\nWhen the driver is uninstalled and the VF is disabled concurrently, a\nkernel crash occurs. The reason is that the two actions call function\npci_disable_sriov(). The num_VFs is checked to determine whether to\nrelease the corresponding resources. During the second calling, num_VFs\nis not 0 and the resource release function is called. However, the\ncorresponding resource has been released during the first invoking.\nTherefore, the problem occurs:\n\n[15277.839633][T50670] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n...\n[15278.131557][T50670] Call trace:\n[15278.134686][T50670] klist_put+0x28/0x12c\n[15278.138682][T50670] klist_del+0x14/0x20\n[15278.142592][T50670] device_del+0xbc/0x3c0\n[15278.146676][T50670] pci_remove_bus_device+0x84/0x120\n[15278.151714][T50670] pci_stop_and_remove_bus_device+0x6c/0x80\n[15278.157447][T50670] pci_iov_remove_virtfn+0xb4/0x12c\n[15278.162485][T50670] sriov_disable+0x50/0x11c\n[15278.166829][T50670] pci_disable_sriov+0x24/0x30\n[15278.171433][T50670] hnae3_unregister_ae_algo_prepare+0x60/0x90 [hnae3]\n[15278.178039][T50670] hclge_exit+0x28/0xd0 [hclge]\n[15278.182730][T50670] __se_sys_delete_module.isra.0+0x164/0x230\n[15278.188550][T50670] __arm64_sys_delete_module+0x1c/0x30\n[15278.193848][T50670] invoke_syscall+0x50/0x11c\n[15278.198278][T50670] el0_svc_common.constprop.0+0x158/0x164\n[15278.203837][T50670] do_el0_svc+0x34/0xcc\n[15278.207834][T50670] el0_svc+0x20/0x30\n\nFor details, see the following figure.\n\n rmmod hclge disable VFs\n----------------------------------------------------\nhclge_exit() sriov_numvfs_store()\n ... device_lock()\n pci_disable_sriov() hns3_pci_sriov_configure()\n pci_disable_sriov()\n sriov_disable()\n sriov_disable() if !num_VFs :\n if !num_VFs : return;\n return; sriov_del_vfs()\n sriov_del_vfs() ...\n ... klist_put()\n klist_put() ...\n ... num_VFs = 0;\n num_VFs = 0; device_unlock();\n\nIn this patch, when driver is removing, we get the device_lock()\nto protect num_VFs, just like sriov_numvfs_store().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50296",
"url": "https://www.suse.com/security/cve/CVE-2024-50296"
},
{
"category": "external",
"summary": "SUSE Bug 1233485 for CVE-2024-50296",
"url": "https://bugzilla.suse.com/1233485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-50296"
},
{
"cve": "CVE-2024-50301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsecurity/keys: fix slab-out-of-bounds in key_task_permission\n\nKASAN reports an out of bounds read:\nBUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36\nBUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]\nBUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410\nsecurity/keys/permission.c:54\nRead of size 4 at addr ffff88813c3ab618 by task stress-ng/4362\n\nCPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0x107/0x167 lib/dump_stack.c:123\n print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n __kuid_val include/linux/uidgid.h:36 [inline]\n uid_eq include/linux/uidgid.h:63 [inline]\n key_task_permission+0x394/0x410 security/keys/permission.c:54\n search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793\n\nThis issue was also reported by syzbot.\n\nIt can be reproduced by following these steps(more details [1]):\n1. Obtain more than 32 inputs that have similar hashes, which ends with the\n pattern \u00270xxxxxxxe6\u0027.\n2. Reboot and add the keys obtained in step 1.\n\nThe reproducer demonstrates how this issue happened:\n1. In the search_nested_keyrings function, when it iterates through the\n slots in a node(below tag ascend_to_node), if the slot pointer is meta\n and node-\u003eback_pointer != NULL(it means a root), it will proceed to\n descend_to_node. However, there is an exception. If node is the root,\n and one of the slots points to a shortcut, it will be treated as a\n keyring.\n2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.\n However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as\n ASSOC_ARRAY_PTR_SUBTYPE_MASK.\n3. When 32 keys with the similar hashes are added to the tree, the ROOT\n has keys with hashes that are not similar (e.g. slot 0) and it splits\n NODE A without using a shortcut. When NODE A is filled with keys that\n all hashes are xxe6, the keys are similar, NODE A will split with a\n shortcut. Finally, it forms the tree as shown below, where slot 6 points\n to a shortcut.\n\n NODE A\n +------\u003e+---+\n ROOT | | 0 | xxe6\n +---+ | +---+\n xxxx | 0 | shortcut : : xxe6\n +---+ | +---+\n xxe6 : : | | | xxe6\n +---+ | +---+\n | 6 |---+ : : xxe6\n +---+ +---+\n xxe6 : : | f | xxe6\n +---+ +---+\n xxe6 | f |\n +---+\n\n4. As mentioned above, If a slot(slot 6) of the root points to a shortcut,\n it may be mistakenly transferred to a key*, leading to a read\n out-of-bounds read.\n\nTo fix this issue, one should jump to descend_to_node if the ptr is a\nshortcut, regardless of whether the node is root or not.\n\n[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/\n\n[jarkko: tweaked the commit message a bit to have an appropriate closes\n tag.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50301",
"url": "https://www.suse.com/security/cve/CVE-2024-50301"
},
{
"category": "external",
"summary": "SUSE Bug 1233490 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "external",
"summary": "SUSE Bug 1233680 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50301"
},
{
"cve": "CVE-2024-50302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let\u0027s\nzero-initialize it during allocation to make sure that it can\u0027t be ever used\nto leak kernel memory via specially-crafted report.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50302",
"url": "https://www.suse.com/security/cve/CVE-2024-50302"
},
{
"category": "external",
"summary": "SUSE Bug 1233491 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "external",
"summary": "SUSE Bug 1233679 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-50302"
},
{
"cve": "CVE-2024-53058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data\n\nIn case the non-paged data of a SKB carries protocol header and protocol\npayload to be transmitted on a certain platform that the DMA AXI address\nwidth is configured to 40-bit/48-bit, or the size of the non-paged data\nis bigger than TSO_MAX_BUFF_SIZE on a certain platform that the DMA AXI\naddress width is configured to 32-bit, then this SKB requires at least\ntwo DMA transmit descriptors to serve it.\n\nFor example, three descriptors are allocated to split one DMA buffer\nmapped from one piece of non-paged data:\n dma_desc[N + 0],\n dma_desc[N + 1],\n dma_desc[N + 2].\nThen three elements of tx_q-\u003etx_skbuff_dma[] will be allocated to hold\nextra information to be reused in stmmac_tx_clean():\n tx_q-\u003etx_skbuff_dma[N + 0],\n tx_q-\u003etx_skbuff_dma[N + 1],\n tx_q-\u003etx_skbuff_dma[N + 2].\nNow we focus on tx_q-\u003etx_skbuff_dma[entry].buf, which is the DMA buffer\naddress returned by DMA mapping call. stmmac_tx_clean() will try to\nunmap the DMA buffer _ONLY_IF_ tx_q-\u003etx_skbuff_dma[entry].buf\nis a valid buffer address.\n\nThe expected behavior that saves DMA buffer address of this non-paged\ndata to tx_q-\u003etx_skbuff_dma[entry].buf is:\n tx_q-\u003etx_skbuff_dma[N + 0].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 1].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 2].buf = dma_map_single();\nUnfortunately, the current code misbehaves like this:\n tx_q-\u003etx_skbuff_dma[N + 0].buf = dma_map_single();\n tx_q-\u003etx_skbuff_dma[N + 1].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 2].buf = NULL;\n\nOn the stmmac_tx_clean() side, when dma_desc[N + 0] is closed by the\nDMA engine, tx_q-\u003etx_skbuff_dma[N + 0].buf is a valid buffer address\nobviously, then the DMA buffer will be unmapped immediately.\nThere may be a rare case that the DMA engine does not finish the\npending dma_desc[N + 1], dma_desc[N + 2] yet. Now things will go\nhorribly wrong, DMA is going to access a unmapped/unreferenced memory\nregion, corrupted data will be transmited or iommu fault will be\ntriggered :(\n\nIn contrast, the for-loop that maps SKB fragments behaves perfectly\nas expected, and that is how the driver should do for both non-paged\ndata and paged frags actually.\n\nThis patch corrects DMA map/unmap sequences by fixing the array index\nfor tx_q-\u003etx_skbuff_dma[entry].buf when assigning DMA buffer address.\n\nTested and verified on DWXGMAC CORE 3.20a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53058",
"url": "https://www.suse.com/security/cve/CVE-2024-53058"
},
{
"category": "external",
"summary": "SUSE Bug 1233552 for CVE-2024-53058",
"url": "https://bugzilla.suse.com/1233552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-53058"
},
{
"cve": "CVE-2024-53061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: s5p-jpeg: prevent buffer overflows\n\nThe current logic allows word to be less than 2. If this happens,\nthere will be buffer overflows, as reported by smatch. Add extra\nchecks to prevent it.\n\nWhile here, remove an unused word = 0 assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53061",
"url": "https://www.suse.com/security/cve/CVE-2024-53061"
},
{
"category": "external",
"summary": "SUSE Bug 1233555 for CVE-2024-53061",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "external",
"summary": "SUSE Bug 1233621 for CVE-2024-53061",
"url": "https://bugzilla.suse.com/1233621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-53061"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: Fix KMSAN warning in decode_getfattr_attrs()\n\nFix the following KMSAN warning:\n\nCPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B\nTainted: [B]=BAD_PAGE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n=====================================================\n=====================================================\nBUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90\n decode_getfattr_attrs+0x2d6d/0x2f90\n decode_getfattr_generic+0x806/0xb00\n nfs4_xdr_dec_getattr+0x1de/0x240\n rpcauth_unwrap_resp_decode+0xab/0x100\n rpcauth_unwrap_resp+0x95/0xc0\n call_decode+0x4ff/0xb50\n __rpc_execute+0x57b/0x19d0\n rpc_execute+0x368/0x5e0\n rpc_run_task+0xcfe/0xee0\n nfs4_proc_getattr+0x5b5/0x990\n __nfs_revalidate_inode+0x477/0xd00\n nfs_access_get_cached+0x1021/0x1cc0\n nfs_do_access+0x9f/0xae0\n nfs_permission+0x1e4/0x8c0\n inode_permission+0x356/0x6c0\n link_path_walk+0x958/0x1330\n path_lookupat+0xce/0x6b0\n filename_lookup+0x23e/0x770\n vfs_statx+0xe7/0x970\n vfs_fstatat+0x1f2/0x2c0\n __se_sys_newfstatat+0x67/0x880\n __x64_sys_newfstatat+0xbd/0x120\n x64_sys_call+0x1826/0x3cf0\n do_syscall_64+0xd0/0x1b0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe KMSAN warning is triggered in decode_getfattr_attrs(), when calling\ndecode_attr_mdsthreshold(). It appears that fattr-\u003emdsthreshold is not\ninitialized.\n\nFix the issue by initializing fattr-\u003emdsthreshold to NULL in\nnfs_fattr_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53066",
"url": "https://www.suse.com/security/cve/CVE-2024-53066"
},
{
"category": "external",
"summary": "SUSE Bug 1233560 for CVE-2024-53066",
"url": "https://bugzilla.suse.com/1233560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-53066"
},
{
"cve": "CVE-2024-53085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Lock TPM chip in tpm_pm_suspend() first\n\nSetting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy\naccording, as this leaves window for tpm_hwrng_read() to be called while\nthe operation is in progress. The recent bug report gives also evidence of\nthis behaviour.\n\nAadress this by locking the TPM chip before checking any chip-\u003eflags both\nin tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED\ncheck inside tpm_get_random() so that it will be always checked only when\nthe lock is reserved.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53085",
"url": "https://www.suse.com/security/cve/CVE-2024-53085"
},
{
"category": "external",
"summary": "SUSE Bug 1233577 for CVE-2024-53085",
"url": "https://bugzilla.suse.com/1233577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-53085"
},
{
"cve": "CVE-2024-53088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix race condition by adding filter\u0027s intermediate sync state\n\nFix a race condition in the i40e driver that leads to MAC/VLAN filters\nbecoming corrupted and leaking. Address the issue that occurs under\nheavy load when multiple threads are concurrently modifying MAC/VLAN\nfilters by setting mac and port VLAN.\n\n1. Thread T0 allocates a filter in i40e_add_filter() within\n i40e_ndo_set_vf_port_vlan().\n2. Thread T1 concurrently frees the filter in __i40e_del_filter() within\n i40e_ndo_set_vf_mac().\n3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which\n refers to the already freed filter memory, causing corruption.\n\nReproduction steps:\n1. Spawn multiple VFs.\n2. Apply a concurrent heavy load by running parallel operations to change\n MAC addresses on the VFs and change port VLANs on the host.\n3. Observe errors in dmesg:\n\"Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX,\n\tplease set promiscuous on manually for VF XX\".\n\nExact code for stable reproduction Intel can\u0027t open-source now.\n\nThe fix involves implementing a new intermediate filter state,\nI40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list.\nThese filters cannot be deleted from the hash list directly but\nmust be removed using the full process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53088",
"url": "https://www.suse.com/security/cve/CVE-2024-53088"
},
{
"category": "external",
"summary": "SUSE Bug 1233580 for CVE-2024-53088",
"url": "https://bugzilla.suse.com/1233580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-53088"
},
{
"cve": "CVE-2024-53104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format\n\nThis can lead to out of bounds writes since frames of this type were not\ntaken into account when calculating the size of the frames buffer in\nuvc_parse_streaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53104",
"url": "https://www.suse.com/security/cve/CVE-2024-53104"
},
{
"category": "external",
"summary": "SUSE Bug 1234025 for CVE-2024-53104",
"url": "https://bugzilla.suse.com/1234025"
},
{
"category": "external",
"summary": "SUSE Bug 1236783 for CVE-2024-53104",
"url": "https://bugzilla.suse.com/1236783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2024-53104"
},
{
"cve": "CVE-2024-53114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client\n\nA number of Zen4 client SoCs advertise the ability to use virtualized\nVMLOAD/VMSAVE, but using these instructions is reported to be a cause\nof a random host reboot.\n\nThese instructions aren\u0027t intended to be advertised on Zen4 client\nso clear the capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53114",
"url": "https://www.suse.com/security/cve/CVE-2024-53114"
},
{
"category": "external",
"summary": "SUSE Bug 1234072 for CVE-2024-53114",
"url": "https://bugzilla.suse.com/1234072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-53114"
},
{
"cve": "CVE-2024-53142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninitramfs: avoid filename buffer overrun\n\nThe initramfs filename field is defined in\nDocumentation/driver-api/early-userspace/buffer-format.rst as:\n\n 37 cpio_file := ALGN(4) + cpio_header + filename + \"\\0\" + ALGN(4) + data\n...\n 55 ============= ================== =========================\n 56 Field name Field size Meaning\n 57 ============= ================== =========================\n...\n 70 c_namesize 8 bytes Length of filename, including final \\0\n\nWhen extracting an initramfs cpio archive, the kernel\u0027s do_name() path\nhandler assumes a zero-terminated path at @collected, passing it\ndirectly to filp_open() / init_mkdir() / init_mknod().\n\nIf a specially crafted cpio entry carries a non-zero-terminated filename\nand is followed by uninitialized memory, then a file may be created with\ntrailing characters that represent the uninitialized memory. The ability\nto create an initramfs entry would imply already having full control of\nthe system, so the buffer overrun shouldn\u0027t be considered a security\nvulnerability.\n\nAppend the output of the following bash script to an existing initramfs\nand observe any created /initramfs_test_fname_overrunAA* path. E.g.\n ./reproducer.sh | gzip \u003e\u003e /myinitramfs\n\nIt\u0027s easiest to observe non-zero uninitialized memory when the output is\ngzipped, as it\u0027ll overflow the heap allocated @out_buf in __gunzip(),\nrather than the initrd_start+initrd_size block.\n\n---- reproducer.sh ----\nnilchar=\"A\"\t# change to \"\\0\" to properly zero terminate / pad\nmagic=\"070701\"\nino=1\nmode=$(( 0100777 ))\nuid=0\ngid=0\nnlink=1\nmtime=1\nfilesize=0\ndevmajor=0\ndevminor=1\nrdevmajor=0\nrdevminor=0\ncsum=0\nfname=\"initramfs_test_fname_overrun\"\nnamelen=$(( ${#fname} + 1 ))\t# plus one to account for terminator\n\nprintf \"%s%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%s\" \\\n\t$magic $ino $mode $uid $gid $nlink $mtime $filesize \\\n\t$devmajor $devminor $rdevmajor $rdevminor $namelen $csum $fname\n\ntermpadlen=$(( 1 + ((4 - ((110 + $namelen) \u0026 3)) % 4) ))\nprintf \"%.s${nilchar}\" $(seq 1 $termpadlen)\n---- reproducer.sh ----\n\nSymlink filename fields handled in do_symlink() won\u0027t overrun past the\ndata segment, due to the explicit zero-termination of the symlink\ntarget.\n\nFix filename buffer overrun by aborting the initramfs FSM if any cpio\nentry doesn\u0027t carry a zero-terminator at the expected (name_len - 1)\noffset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53142",
"url": "https://www.suse.com/security/cve/CVE-2024-53142"
},
{
"category": "external",
"summary": "SUSE Bug 1232436 for CVE-2024-53142",
"url": "https://bugzilla.suse.com/1232436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-1-8.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-17T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2024-53142"
}
]
}
suse-su-2024:1643-1
Vulnerability from csaf_suse
Published
2024-05-14 13:38
Modified
2024-05-14 13:38
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).
- CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509).
- CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060).
- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
- CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442).
- CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554).
- CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580).
- CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).
- CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662).
- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).
- CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521).
- CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528).
- CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).
- CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).
- CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).
- CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611).
- CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706).
- CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743).
- CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625).
- CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).
- CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794).
- CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637).
- CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687).
- CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640).
- CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692).
- CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768).
- CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769).
- CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742).
- CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745).
- CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777).
- CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739).
- CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829).
- CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846).
- CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).
- CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541).
- CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
- CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548).
- CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575).
- CVE-2021-47118: Fixed an use-after-free in init task's struct pid in pid (bsc#1221605).
- CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608).
- CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
- CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934).
- CVE-2021-47141: Fixed a null pointer dereference on priv->msix_vectors when driver is unloaded in gve (bsc#1221949).
- CVE-2021-47142: Fixed an use-after-free on ttm->sg in drm/amdgpu (bsc#1221952).
- CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988).
- CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972).
- CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).
- CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969).
- CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966).
- CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977).
- CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965).
- CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998).
- CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991).
- CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002).
- CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000).
- CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994).
- CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993).
- CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997).
- CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001).
- CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999).
- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).
- CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions in thermal (bsc#1222878)
- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
- CVE-2022-0487: Fixed an use-after-free vulnerability in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).
- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).
- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
- CVE-2022-48672: Fixed off-by-one error in unflatten_dt_nodes() (bsc#1223931).
- CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).
- CVE-2022-48702: Fixed out of bounds access in snd_emu10k1_pcm_channel_alloc() (bsc#1223923).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).
- CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
- CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162).
- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).
- CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).
- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).
- CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961).
- CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770)
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-24855: Fixed race condition in lpfc_unregister_fcf_rescan() that could lead to a kernel panic or denial of service issue (bsc#1219618).
- CVE-2024-24861: Fixed race condition in xc4000_get_frequency() that could lead to malfunction or denial of service issue (bsc#1219623).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
- CVE-2024-26704: fixed double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)
- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)
- CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609).
- CVE-2024-26754: Fixed ab use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).
- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).
- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)
- CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)
- CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).
- CVE-2024-26791: Properly validated device names in btrfs dev-replace (bsc#1222793)
- CVE-2024-26793: fixed use-after-free and null-ptr-deref in gtp_newlink() (bsc#1222428).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
- CVE-2024-26839: Fixed a memory leak in init_credit_return() (bsc#1222975)
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049).
- CVE-2024-26876: Fixed crash on irq during probe, related to adv7511_probe() (bsc#1223119).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).
- CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-27008: Fixed out of bounds access in nv04 (CVE-2024-27008 bsc#1223802).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
- CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837).
- CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843).
- CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844).
- CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842).
- CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781).
The following non-security bugs were fixed:
- Input: adxl34x - do not hardcode interrupt trigger type (git-fixes).
- Input: drv260x - sleep between polling GO bit (git-fixes).
- Input: ipaq-micro-keys - add error handling for devm_kmemdup.
- Input: xpad - add PXN V900 support.
- USB: core: Fix deadlock in usb_deauthorize_interface().
- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).
- atl1c: fix error return code in atl1c_probe() (git-fixes).
- atl1e: fix error return code in atl1e_probe() (git-fixes).
- bluetooth: btqca: Fixed a coding style error (git-fixes).
- bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes).
- bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).
- bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
- bnx2x: Fix enabling network interfaces without VFs (git-fixes).
- bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes).
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).
- ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes).
- ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git-fixes).
- fuse: do not unhash root (bsc#1223954).
- iommu/amd: Increase interrupt remapping table limit to 512 entries (git-fixes).
- iommu/amd: Mark interrupt as managed (git-fixes).
- iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes).
- iommu/amd: Silence warnings under memory pressure (git-fixes).
- iommu: Check if group is NULL before remove device (git-fixes).
- kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
- kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi).
- lan78xx: Add missing return code checks (git-fixes).
- lan78xx: Add support to dump lan78xx registers (git-fixes).
- lan78xx: Do not access skb_queue_head list pointers directly (git-fixes).
- lan78xx: Fix exception on link speed change (git-fixes).
- lan78xx: Fix partial packet errors on suspend/resume (git-fixes).
- lan78xx: Fix race conditions in suspend/resume handling (git-fixes).
- lan78xx: Fix white space and style issues (git-fixes).
- lan78xx: Modify error messages (git-fixes).
- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- net/mlx5: Properly convey driver version to firmware (git-fixes).
- net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes).
- net/tls: Remove the context from the list in tls_device_down (bsc#1221545).
- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).
- net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
- net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes).
- net: lan78xx: Make declaration style consistent (git-fixes).
- net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
- net: lan78xx: remove set but not used variable 'event' (git-fixes).
- net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes).
- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git-fixes).
- net:usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes).
- nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).
- nfs: commit errors should be fatal (git-fixes).
- nfs: fix O_DIRECT commit verifier handling (git-fixes).
- nfs: fix O_DIRECT locking issues (git-fixes).
- nfs: fix a request reference leak in nfs_direct_write_clear_reqs() (git-fixes).
- nfs: fix an off by one in root_nfs_cat() (git-fixes).
- nfs: fix direct WRITE throughput regression (git-fixes).
- nfs: fix error handling for O_DIRECT write scheduling (git-fixes).
- nfs: more O_DIRECT accounting fixes for error paths (git-fixes).
- nfs: only issue commit in DIO codepath if we have uncommitted data (git-fixes).
- nfsd: Fix error cleanup path in nfsd_rename() (git-fixes).
- nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- nfsd: Retransmit callbacks after client reconnects (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).
- nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
- pNFS/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).
- pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
- pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).
- pci/aspm: Avoid link retraining race (git-fixes).
- pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).
- pci/aspm: Do not warn if already in common clock mode (git-fixes).
- pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes).
- pci/aspm: Reduce severity of common clock config message (git-fixes).
- pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes).
- pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
- pci/dpc: Print all TLP Prefixes, not just the first (git-fixes).
- pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).
- pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes).
- pci/pm: Power up all devices during runtime resume (git-fixes).
- pci/sysfs: Protect driver's D3cold preference from user space (git-fixes).
- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
- pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).
- pci: Add locking to RMW PCI Express Capability Register accessors (git-fixes).
- pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes).
- pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git-fixes).
- pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
- pci: Rework pcie_retrain_link() wait loop (git-fixes).
- pci: aardvark: Fix setting MSI address (git-fixes).
- pci: aardvark: Fix support for MSI interrupts (git-fixes).
- pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).
- pci: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).
- pci: hotplug: Allow marking devices as disconnected during bind/unbind (git-fixes).
- pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes).
- pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).
- pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).
- pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes).
- pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).
- pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes).
- pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).
- pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).
- printk: Disable passing console lock owner completely during panic() (bsc#1197894).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1223969).
- rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082)
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221953).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
- sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
- sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
- tls: Fix context leak on tls_device_down (bsc#1221545).
- tty/sysrq: replace smp_processor_id() with get_cpu() (bsc#1223540).
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
- tun: honor IOCB_NOWAIT flag (git-fixes).
- usb: dwc2: Fix memory leak in dwc2_hcd_init.
- usb: dwc2: check return value after calling platform_get_resource() (git-fixes).
- usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).
- usb: gadget: Fix issue with config_ep_by_speed function (git-fixes).
- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
- usb: musb: Modify the 'HWVers' register address (git-fixes).
- usb: roles: do not get/set_role() when usb_role_switch is unregistered.
- usb: serial: option: add Fibocom L7xx modules (git-fixes).
- usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).
- usb: storage: set 1.50 as the lower bcdDevice for older 'Super Top' compatibility (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
- usb: usbfs: Do not WARN about excessively large memory allocations.
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
Patchnames
SUSE-2024-1643,SUSE-SLE-SERVER-12-SP5-2024-1643
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).\n- CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509).\n- CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060).\n- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).\n- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).\n- CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442).\n- CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554).\n- CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580).\n- CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).\n- CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662).\n- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).\n- CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521).\n- CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528).\n- CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).\n- CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).\n- CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).\n- CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611).\n- CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706).\n- CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743).\n- CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625).\n- CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).\n- CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794).\n- CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637).\n- CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687).\n- CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640).\n- CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692).\n- CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768).\n- CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769).\n- CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742).\n- CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync\u0027ing SRCU (bsc#1220745).\n- CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777).\n- CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739).\n- CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829).\n- CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846).\n- CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850).\n- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).\n- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).\n- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).\n- CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).\n- CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541).\n- CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).\n- CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548).\n- CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575).\n- CVE-2021-47118: Fixed an use-after-free in init task\u0027s struct pid in pid (bsc#1221605).\n- CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608).\n- CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).\n- CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934).\n- CVE-2021-47141: Fixed a null pointer dereference on priv-\u003emsix_vectors when driver is unloaded in gve (bsc#1221949).\n- CVE-2021-47142: Fixed an use-after-free on ttm-\u003esg in drm/amdgpu (bsc#1221952).\n- CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988).\n- CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972).\n- CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).\n- CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969).\n- CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966).\n- CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977).\n- CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965).\n- CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998).\n- CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991).\n- CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002).\n- CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000).\n- CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994).\n- CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993).\n- CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997).\n- CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001).\n- CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999).\n- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).\n- CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).\n- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).\n- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).\n- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).\n- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).\n- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions in thermal (bsc#1222878)\n- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).\n- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).\n- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).\n- CVE-2022-0487: Fixed an use-after-free vulnerability in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).\n- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223513).\n- CVE-2022-48672: Fixed off-by-one error in unflatten_dt_nodes() (bsc#1223931).\n- CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).\n- CVE-2022-48702: Fixed out of bounds access in snd_emu10k1_pcm_channel_alloc() (bsc#1223923).\n- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).\n- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).\n- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).\n- CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).\n- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).\n- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).\n- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).\n- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).\n- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).\n- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).\n- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).\n- CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162).\n- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).\n- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).\n- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).\n- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).\n- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).\n- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).\n- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).\n- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).\n- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).\n- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).\n- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).\n- CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).\n- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).\n- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).\n- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).\n- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).\n- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).\n- CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961).\n- CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770)\n- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).\n- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).\n- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).\n- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).\n- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).\n- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).\n- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).\n- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).\n- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).\n- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).\n- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).\n- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).\n- CVE-2024-24855: Fixed race condition in lpfc_unregister_fcf_rescan() that could lead to a kernel panic or denial of service issue (bsc#1219618).\n- CVE-2024-24861: Fixed race condition in xc4000_get_frequency() that could lead to malfunction or denial of service issue (bsc#1219623).\n- CVE-2024-26614: Fixed the initialization of accept_queue\u0027s spinlocks (bsc#1221293).\n- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).\n- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).\n- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).\n- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).\n- CVE-2024-26704: fixed double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).\n- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).\n- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)\n- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)\n- CVE-2024-26747: Fixed a NULL pointer issue with USB parent module\u0027s reference (bsc#1222609).\n- CVE-2024-26754: Fixed ab use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).\n- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).\n- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)\n- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).\n- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).\n- CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)\n- CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)\n- CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).\n- CVE-2024-26791: Properly validated device names in btrfs dev-replace (bsc#1222793)\n- CVE-2024-26793: fixed use-after-free and null-ptr-deref in gtp_newlink() (bsc#1222428).\n- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).\n- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).\n- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).\n- CVE-2024-26839: Fixed a memory leak in init_credit_return() (bsc#1222975)\n- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).\n- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).\n- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).\n- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).\n- CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049).\n- CVE-2024-26876: Fixed crash on irq during probe, related to adv7511_probe() (bsc#1223119).\n- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).\n- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).\n- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).\n- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).\n- CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).\n- CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315).\n- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).\n- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).\n- CVE-2024-27008: Fixed out of bounds access in nv04 (CVE-2024-27008 bsc#1223802).\n- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).\n- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).\n- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).\n- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).\n- CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837).\n- CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843).\n- CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844).\n- CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842).\n- CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781).\n\nThe following non-security bugs were fixed:\n\n- Input: adxl34x - do not hardcode interrupt trigger type (git-fixes).\n- Input: drv260x - sleep between polling GO bit (git-fixes).\n- Input: ipaq-micro-keys - add error handling for devm_kmemdup.\n- Input: xpad - add PXN V900 support.\n- USB: core: Fix deadlock in usb_deauthorize_interface().\n- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).\n- atl1c: fix error return code in atl1c_probe() (git-fixes).\n- atl1e: fix error return code in atl1e_probe() (git-fixes).\n- bluetooth: btqca: Fixed a coding style error (git-fixes).\n- bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes).\n- bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).\n- bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).\n- bnx2x: Fix enabling network interfaces without VFs (git-fixes).\n- bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes).\n- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).\n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).\n- ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes).\n- ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git-fixes).\n- fuse: do not unhash root (bsc#1223954).\n- iommu/amd: Increase interrupt remapping table limit to 512 entries (git-fixes).\n- iommu/amd: Mark interrupt as managed (git-fixes).\n- iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes).\n- iommu/amd: Silence warnings under memory pressure (git-fixes).\n- iommu: Check if group is NULL before remove device (git-fixes).\n- kabi fix for pNFS: Fix the pnfs block driver\u0027s calculation of layoutget size (git-fixes).\n- kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi).\n- lan78xx: Add missing return code checks (git-fixes).\n- lan78xx: Add support to dump lan78xx registers (git-fixes).\n- lan78xx: Do not access skb_queue_head list pointers directly (git-fixes).\n- lan78xx: Fix exception on link speed change (git-fixes).\n- lan78xx: Fix partial packet errors on suspend/resume (git-fixes).\n- lan78xx: Fix race conditions in suspend/resume handling (git-fixes).\n- lan78xx: Fix white space and style issues (git-fixes).\n- lan78xx: Modify error messages (git-fixes).\n- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).\n- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).\n- net/mlx5: Properly convey driver version to firmware (git-fixes).\n- net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes).\n- net/tls: Remove the context from the list in tls_device_down (bsc#1221545).\n- net: Fix features skip in for_each_netdev_feature() (git-fixes).\n- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).\n- net: atheros: switch from \u0027pci_\u0027 to \u0027dma_\u0027 API (git-fixes).\n- net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes).\n- net: lan78xx: Make declaration style consistent (git-fixes).\n- net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes).\n- net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).\n- net: lan78xx: remove set but not used variable \u0027event\u0027 (git-fixes).\n- net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes).\n- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).\n- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).\n- net: usb: lan78xx: Remove lots of set but unused \u0027ret\u0027 variables (git-fixes).\n- net:usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes).\n- nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).\n- nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).\n- nfs: commit errors should be fatal (git-fixes).\n- nfs: fix O_DIRECT commit verifier handling (git-fixes).\n- nfs: fix O_DIRECT locking issues (git-fixes).\n- nfs: fix a request reference leak in nfs_direct_write_clear_reqs() (git-fixes).\n- nfs: fix an off by one in root_nfs_cat() (git-fixes).\n- nfs: fix direct WRITE throughput regression (git-fixes).\n- nfs: fix error handling for O_DIRECT write scheduling (git-fixes).\n- nfs: more O_DIRECT accounting fixes for error paths (git-fixes).\n- nfs: only issue commit in DIO codepath if we have uncommitted data (git-fixes).\n- nfsd: Fix error cleanup path in nfsd_rename() (git-fixes).\n- nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).\n- nfsd: Retransmit callbacks after client reconnects (git-fixes).\n- nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).\n- nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).\n- pNFS/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).\n- pNFS: Fix the pnfs block driver\u0027s calculation of layoutget size (git-fixes).\n- pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).\n- pci/aspm: Avoid link retraining race (git-fixes).\n- pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).\n- pci/aspm: Do not warn if already in common clock mode (git-fixes).\n- pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes).\n- pci/aspm: Reduce severity of common clock config message (git-fixes).\n- pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes).\n- pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).\n- pci/dpc: Print all TLP Prefixes, not just the first (git-fixes).\n- pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).\n- pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes).\n- pci/pm: Power up all devices during runtime resume (git-fixes).\n- pci/sysfs: Protect driver\u0027s D3cold preference from user space (git-fixes).\n- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n- pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).\n- pci: Add locking to RMW PCI Express Capability Register accessors (git-fixes).\n- pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes).\n- pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git-fixes).\n- pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).\n- pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).\n- pci: Rework pcie_retrain_link() wait loop (git-fixes).\n- pci: aardvark: Fix setting MSI address (git-fixes).\n- pci: aardvark: Fix support for MSI interrupts (git-fixes).\n- pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).\n- pci: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).\n- pci: hotplug: Allow marking devices as disconnected during bind/unbind (git-fixes).\n- pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes).\n- pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).\n- pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).\n- pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes).\n- pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).\n- pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes).\n- pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).\n- pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).\n- printk: Disable passing console lock owner completely during panic() (bsc#1197894).\n- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1223969).\n- rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082)\n- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883).\n- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885).\n- s390/vtime: fix average steal time calculation (git-fixes bsc#1221953).\n- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).\n- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).\n- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).\n- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).\n- scsi: qla2xxx: Fix double free of fcport (bsc1221816).\n- scsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer (bsc1221816).\n- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).\n- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).\n- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).\n- scsi: qla2xxx: Update manufacturer detail (bsc1221816).\n- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).\n- sr9800: Add check for usbnet_get_endpoints (git-fixes).\n- sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).\n- sunrpc: fix a memleak in gss_import_v2_context (git-fixes).\n- sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).\n- tls: Fix context leak on tls_device_down (bsc#1221545).\n- tty/sysrq: replace smp_processor_id() with get_cpu() (bsc#1223540).\n- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).\n- tun: honor IOCB_NOWAIT flag (git-fixes).\n- usb: dwc2: Fix memory leak in dwc2_hcd_init.\n- usb: dwc2: check return value after calling platform_get_resource() (git-fixes).\n- usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).\n- usb: gadget: Fix issue with config_ep_by_speed function (git-fixes).\n- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).\n- usb: musb: Modify the \u0027HWVers\u0027 register address (git-fixes).\n- usb: roles: do not get/set_role() when usb_role_switch is unregistered.\n- usb: serial: option: add Fibocom L7xx modules (git-fixes).\n- usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).\n- usb: storage: set 1.50 as the lower bcdDevice for older \u0027Super Top\u0027 compatibility (git-fixes).\n- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).\n- usb: usbfs: Do not WARN about excessively large memory allocations.\n- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).\n- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1643,SUSE-SLE-SERVER-12-SP5-2024-1643",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1643-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1643-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241643-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1643-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-May/035264.html"
},
{
"category": "self",
"summary": "SUSE Bug 1084332",
"url": "https://bugzilla.suse.com/1084332"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1184509",
"url": "https://bugzilla.suse.com/1184509"
},
{
"category": "self",
"summary": "SUSE Bug 1186060",
"url": "https://bugzilla.suse.com/1186060"
},
{
"category": "self",
"summary": "SUSE Bug 1190317",
"url": "https://bugzilla.suse.com/1190317"
},
{
"category": "self",
"summary": "SUSE Bug 1190576",
"url": "https://bugzilla.suse.com/1190576"
},
{
"category": "self",
"summary": "SUSE Bug 1192145",
"url": "https://bugzilla.suse.com/1192145"
},
{
"category": "self",
"summary": "SUSE Bug 1194516",
"url": "https://bugzilla.suse.com/1194516"
},
{
"category": "self",
"summary": "SUSE Bug 1197894",
"url": "https://bugzilla.suse.com/1197894"
},
{
"category": "self",
"summary": "SUSE Bug 1203935",
"url": "https://bugzilla.suse.com/1203935"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1211592",
"url": "https://bugzilla.suse.com/1211592"
},
{
"category": "self",
"summary": "SUSE Bug 1212514",
"url": "https://bugzilla.suse.com/1212514"
},
{
"category": "self",
"summary": "SUSE Bug 1213456",
"url": "https://bugzilla.suse.com/1213456"
},
{
"category": "self",
"summary": "SUSE Bug 1215221",
"url": "https://bugzilla.suse.com/1215221"
},
{
"category": "self",
"summary": "SUSE Bug 1217339",
"url": "https://bugzilla.suse.com/1217339"
},
{
"category": "self",
"summary": "SUSE Bug 1217987",
"url": "https://bugzilla.suse.com/1217987"
},
{
"category": "self",
"summary": "SUSE Bug 1217988",
"url": "https://bugzilla.suse.com/1217988"
},
{
"category": "self",
"summary": "SUSE Bug 1217989",
"url": "https://bugzilla.suse.com/1217989"
},
{
"category": "self",
"summary": "SUSE Bug 1218220",
"url": "https://bugzilla.suse.com/1218220"
},
{
"category": "self",
"summary": "SUSE Bug 1218336",
"url": "https://bugzilla.suse.com/1218336"
},
{
"category": "self",
"summary": "SUSE Bug 1218479",
"url": "https://bugzilla.suse.com/1218479"
},
{
"category": "self",
"summary": "SUSE Bug 1218562",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "self",
"summary": "SUSE Bug 1218917",
"url": "https://bugzilla.suse.com/1218917"
},
{
"category": "self",
"summary": "SUSE Bug 1219104",
"url": "https://bugzilla.suse.com/1219104"
},
{
"category": "self",
"summary": "SUSE Bug 1219169",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "self",
"summary": "SUSE Bug 1219170",
"url": "https://bugzilla.suse.com/1219170"
},
{
"category": "self",
"summary": "SUSE Bug 1219618",
"url": "https://bugzilla.suse.com/1219618"
},
{
"category": "self",
"summary": "SUSE Bug 1219623",
"url": "https://bugzilla.suse.com/1219623"
},
{
"category": "self",
"summary": "SUSE Bug 1219847",
"url": "https://bugzilla.suse.com/1219847"
},
{
"category": "self",
"summary": "SUSE Bug 1220320",
"url": "https://bugzilla.suse.com/1220320"
},
{
"category": "self",
"summary": "SUSE Bug 1220366",
"url": "https://bugzilla.suse.com/1220366"
},
{
"category": "self",
"summary": "SUSE Bug 1220394",
"url": "https://bugzilla.suse.com/1220394"
},
{
"category": "self",
"summary": "SUSE Bug 1220411",
"url": "https://bugzilla.suse.com/1220411"
},
{
"category": "self",
"summary": "SUSE Bug 1220413",
"url": "https://bugzilla.suse.com/1220413"
},
{
"category": "self",
"summary": "SUSE Bug 1220416",
"url": "https://bugzilla.suse.com/1220416"
},
{
"category": "self",
"summary": "SUSE Bug 1220418",
"url": "https://bugzilla.suse.com/1220418"
},
{
"category": "self",
"summary": "SUSE Bug 1220442",
"url": "https://bugzilla.suse.com/1220442"
},
{
"category": "self",
"summary": "SUSE Bug 1220445",
"url": "https://bugzilla.suse.com/1220445"
},
{
"category": "self",
"summary": "SUSE Bug 1220513",
"url": "https://bugzilla.suse.com/1220513"
},
{
"category": "self",
"summary": "SUSE Bug 1220521",
"url": "https://bugzilla.suse.com/1220521"
},
{
"category": "self",
"summary": "SUSE Bug 1220528",
"url": "https://bugzilla.suse.com/1220528"
},
{
"category": "self",
"summary": "SUSE Bug 1220536",
"url": "https://bugzilla.suse.com/1220536"
},
{
"category": "self",
"summary": "SUSE Bug 1220538",
"url": "https://bugzilla.suse.com/1220538"
},
{
"category": "self",
"summary": "SUSE Bug 1220554",
"url": "https://bugzilla.suse.com/1220554"
},
{
"category": "self",
"summary": "SUSE Bug 1220572",
"url": "https://bugzilla.suse.com/1220572"
},
{
"category": "self",
"summary": "SUSE Bug 1220580",
"url": "https://bugzilla.suse.com/1220580"
},
{
"category": "self",
"summary": "SUSE Bug 1220611",
"url": "https://bugzilla.suse.com/1220611"
},
{
"category": "self",
"summary": "SUSE Bug 1220625",
"url": "https://bugzilla.suse.com/1220625"
},
{
"category": "self",
"summary": "SUSE Bug 1220628",
"url": "https://bugzilla.suse.com/1220628"
},
{
"category": "self",
"summary": "SUSE Bug 1220637",
"url": "https://bugzilla.suse.com/1220637"
},
{
"category": "self",
"summary": "SUSE Bug 1220640",
"url": "https://bugzilla.suse.com/1220640"
},
{
"category": "self",
"summary": "SUSE Bug 1220662",
"url": "https://bugzilla.suse.com/1220662"
},
{
"category": "self",
"summary": "SUSE Bug 1220687",
"url": "https://bugzilla.suse.com/1220687"
},
{
"category": "self",
"summary": "SUSE Bug 1220692",
"url": "https://bugzilla.suse.com/1220692"
},
{
"category": "self",
"summary": "SUSE Bug 1220703",
"url": "https://bugzilla.suse.com/1220703"
},
{
"category": "self",
"summary": "SUSE Bug 1220706",
"url": "https://bugzilla.suse.com/1220706"
},
{
"category": "self",
"summary": "SUSE Bug 1220739",
"url": "https://bugzilla.suse.com/1220739"
},
{
"category": "self",
"summary": "SUSE Bug 1220742",
"url": "https://bugzilla.suse.com/1220742"
},
{
"category": "self",
"summary": "SUSE Bug 1220743",
"url": "https://bugzilla.suse.com/1220743"
},
{
"category": "self",
"summary": "SUSE Bug 1220745",
"url": "https://bugzilla.suse.com/1220745"
},
{
"category": "self",
"summary": "SUSE Bug 1220751",
"url": "https://bugzilla.suse.com/1220751"
},
{
"category": "self",
"summary": "SUSE Bug 1220768",
"url": "https://bugzilla.suse.com/1220768"
},
{
"category": "self",
"summary": "SUSE Bug 1220769",
"url": "https://bugzilla.suse.com/1220769"
},
{
"category": "self",
"summary": "SUSE Bug 1220777",
"url": "https://bugzilla.suse.com/1220777"
},
{
"category": "self",
"summary": "SUSE Bug 1220790",
"url": "https://bugzilla.suse.com/1220790"
},
{
"category": "self",
"summary": "SUSE Bug 1220794",
"url": "https://bugzilla.suse.com/1220794"
},
{
"category": "self",
"summary": "SUSE Bug 1220829",
"url": "https://bugzilla.suse.com/1220829"
},
{
"category": "self",
"summary": "SUSE Bug 1220836",
"url": "https://bugzilla.suse.com/1220836"
},
{
"category": "self",
"summary": "SUSE Bug 1220843",
"url": "https://bugzilla.suse.com/1220843"
},
{
"category": "self",
"summary": "SUSE Bug 1220846",
"url": "https://bugzilla.suse.com/1220846"
},
{
"category": "self",
"summary": "SUSE Bug 1220850",
"url": "https://bugzilla.suse.com/1220850"
},
{
"category": "self",
"summary": "SUSE Bug 1220871",
"url": "https://bugzilla.suse.com/1220871"
},
{
"category": "self",
"summary": "SUSE Bug 1220927",
"url": "https://bugzilla.suse.com/1220927"
},
{
"category": "self",
"summary": "SUSE Bug 1220960",
"url": "https://bugzilla.suse.com/1220960"
},
{
"category": "self",
"summary": "SUSE Bug 1220985",
"url": "https://bugzilla.suse.com/1220985"
},
{
"category": "self",
"summary": "SUSE Bug 1220987",
"url": "https://bugzilla.suse.com/1220987"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221046",
"url": "https://bugzilla.suse.com/1221046"
},
{
"category": "self",
"summary": "SUSE Bug 1221048",
"url": "https://bugzilla.suse.com/1221048"
},
{
"category": "self",
"summary": "SUSE Bug 1221058",
"url": "https://bugzilla.suse.com/1221058"
},
{
"category": "self",
"summary": "SUSE Bug 1221060",
"url": "https://bugzilla.suse.com/1221060"
},
{
"category": "self",
"summary": "SUSE Bug 1221061",
"url": "https://bugzilla.suse.com/1221061"
},
{
"category": "self",
"summary": "SUSE Bug 1221077",
"url": "https://bugzilla.suse.com/1221077"
},
{
"category": "self",
"summary": "SUSE Bug 1221082",
"url": "https://bugzilla.suse.com/1221082"
},
{
"category": "self",
"summary": "SUSE Bug 1221088",
"url": "https://bugzilla.suse.com/1221088"
},
{
"category": "self",
"summary": "SUSE Bug 1221162",
"url": "https://bugzilla.suse.com/1221162"
},
{
"category": "self",
"summary": "SUSE Bug 1221277",
"url": "https://bugzilla.suse.com/1221277"
},
{
"category": "self",
"summary": "SUSE Bug 1221293",
"url": "https://bugzilla.suse.com/1221293"
},
{
"category": "self",
"summary": "SUSE Bug 1221337",
"url": "https://bugzilla.suse.com/1221337"
},
{
"category": "self",
"summary": "SUSE Bug 1221532",
"url": "https://bugzilla.suse.com/1221532"
},
{
"category": "self",
"summary": "SUSE Bug 1221541",
"url": "https://bugzilla.suse.com/1221541"
},
{
"category": "self",
"summary": "SUSE Bug 1221543",
"url": "https://bugzilla.suse.com/1221543"
},
{
"category": "self",
"summary": "SUSE Bug 1221545",
"url": "https://bugzilla.suse.com/1221545"
},
{
"category": "self",
"summary": "SUSE Bug 1221548",
"url": "https://bugzilla.suse.com/1221548"
},
{
"category": "self",
"summary": "SUSE Bug 1221575",
"url": "https://bugzilla.suse.com/1221575"
},
{
"category": "self",
"summary": "SUSE Bug 1221605",
"url": "https://bugzilla.suse.com/1221605"
},
{
"category": "self",
"summary": "SUSE Bug 1221608",
"url": "https://bugzilla.suse.com/1221608"
},
{
"category": "self",
"summary": "SUSE Bug 1221617",
"url": "https://bugzilla.suse.com/1221617"
},
{
"category": "self",
"summary": "SUSE Bug 1221791",
"url": "https://bugzilla.suse.com/1221791"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1221825",
"url": "https://bugzilla.suse.com/1221825"
},
{
"category": "self",
"summary": "SUSE Bug 1221830",
"url": "https://bugzilla.suse.com/1221830"
},
{
"category": "self",
"summary": "SUSE Bug 1221862",
"url": "https://bugzilla.suse.com/1221862"
},
{
"category": "self",
"summary": "SUSE Bug 1221934",
"url": "https://bugzilla.suse.com/1221934"
},
{
"category": "self",
"summary": "SUSE Bug 1221949",
"url": "https://bugzilla.suse.com/1221949"
},
{
"category": "self",
"summary": "SUSE Bug 1221952",
"url": "https://bugzilla.suse.com/1221952"
},
{
"category": "self",
"summary": "SUSE Bug 1221953",
"url": "https://bugzilla.suse.com/1221953"
},
{
"category": "self",
"summary": "SUSE Bug 1221965",
"url": "https://bugzilla.suse.com/1221965"
},
{
"category": "self",
"summary": "SUSE Bug 1221966",
"url": "https://bugzilla.suse.com/1221966"
},
{
"category": "self",
"summary": "SUSE Bug 1221967",
"url": "https://bugzilla.suse.com/1221967"
},
{
"category": "self",
"summary": "SUSE Bug 1221969",
"url": "https://bugzilla.suse.com/1221969"
},
{
"category": "self",
"summary": "SUSE Bug 1221972",
"url": "https://bugzilla.suse.com/1221972"
},
{
"category": "self",
"summary": "SUSE Bug 1221973",
"url": "https://bugzilla.suse.com/1221973"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1221979",
"url": "https://bugzilla.suse.com/1221979"
},
{
"category": "self",
"summary": "SUSE Bug 1221988",
"url": "https://bugzilla.suse.com/1221988"
},
{
"category": "self",
"summary": "SUSE Bug 1221991",
"url": "https://bugzilla.suse.com/1221991"
},
{
"category": "self",
"summary": "SUSE Bug 1221993",
"url": "https://bugzilla.suse.com/1221993"
},
{
"category": "self",
"summary": "SUSE Bug 1221994",
"url": "https://bugzilla.suse.com/1221994"
},
{
"category": "self",
"summary": "SUSE Bug 1221997",
"url": "https://bugzilla.suse.com/1221997"
},
{
"category": "self",
"summary": "SUSE Bug 1221998",
"url": "https://bugzilla.suse.com/1221998"
},
{
"category": "self",
"summary": "SUSE Bug 1221999",
"url": "https://bugzilla.suse.com/1221999"
},
{
"category": "self",
"summary": "SUSE Bug 1222000",
"url": "https://bugzilla.suse.com/1222000"
},
{
"category": "self",
"summary": "SUSE Bug 1222001",
"url": "https://bugzilla.suse.com/1222001"
},
{
"category": "self",
"summary": "SUSE Bug 1222002",
"url": "https://bugzilla.suse.com/1222002"
},
{
"category": "self",
"summary": "SUSE Bug 1222117",
"url": "https://bugzilla.suse.com/1222117"
},
{
"category": "self",
"summary": "SUSE Bug 1222294",
"url": "https://bugzilla.suse.com/1222294"
},
{
"category": "self",
"summary": "SUSE Bug 1222300",
"url": "https://bugzilla.suse.com/1222300"
},
{
"category": "self",
"summary": "SUSE Bug 1222357",
"url": "https://bugzilla.suse.com/1222357"
},
{
"category": "self",
"summary": "SUSE Bug 1222379",
"url": "https://bugzilla.suse.com/1222379"
},
{
"category": "self",
"summary": "SUSE Bug 1222422",
"url": "https://bugzilla.suse.com/1222422"
},
{
"category": "self",
"summary": "SUSE Bug 1222428",
"url": "https://bugzilla.suse.com/1222428"
},
{
"category": "self",
"summary": "SUSE Bug 1222449",
"url": "https://bugzilla.suse.com/1222449"
},
{
"category": "self",
"summary": "SUSE Bug 1222503",
"url": "https://bugzilla.suse.com/1222503"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222585",
"url": "https://bugzilla.suse.com/1222585"
},
{
"category": "self",
"summary": "SUSE Bug 1222609",
"url": "https://bugzilla.suse.com/1222609"
},
{
"category": "self",
"summary": "SUSE Bug 1222610",
"url": "https://bugzilla.suse.com/1222610"
},
{
"category": "self",
"summary": "SUSE Bug 1222613",
"url": "https://bugzilla.suse.com/1222613"
},
{
"category": "self",
"summary": "SUSE Bug 1222618",
"url": "https://bugzilla.suse.com/1222618"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222624",
"url": "https://bugzilla.suse.com/1222624"
},
{
"category": "self",
"summary": "SUSE Bug 1222630",
"url": "https://bugzilla.suse.com/1222630"
},
{
"category": "self",
"summary": "SUSE Bug 1222632",
"url": "https://bugzilla.suse.com/1222632"
},
{
"category": "self",
"summary": "SUSE Bug 1222660",
"url": "https://bugzilla.suse.com/1222660"
},
{
"category": "self",
"summary": "SUSE Bug 1222662",
"url": "https://bugzilla.suse.com/1222662"
},
{
"category": "self",
"summary": "SUSE Bug 1222664",
"url": "https://bugzilla.suse.com/1222664"
},
{
"category": "self",
"summary": "SUSE Bug 1222666",
"url": "https://bugzilla.suse.com/1222666"
},
{
"category": "self",
"summary": "SUSE Bug 1222669",
"url": "https://bugzilla.suse.com/1222669"
},
{
"category": "self",
"summary": "SUSE Bug 1222671",
"url": "https://bugzilla.suse.com/1222671"
},
{
"category": "self",
"summary": "SUSE Bug 1222677",
"url": "https://bugzilla.suse.com/1222677"
},
{
"category": "self",
"summary": "SUSE Bug 1222706",
"url": "https://bugzilla.suse.com/1222706"
},
{
"category": "self",
"summary": "SUSE Bug 1222720",
"url": "https://bugzilla.suse.com/1222720"
},
{
"category": "self",
"summary": "SUSE Bug 1222765",
"url": "https://bugzilla.suse.com/1222765"
},
{
"category": "self",
"summary": "SUSE Bug 1222770",
"url": "https://bugzilla.suse.com/1222770"
},
{
"category": "self",
"summary": "SUSE Bug 1222772",
"url": "https://bugzilla.suse.com/1222772"
},
{
"category": "self",
"summary": "SUSE Bug 1222787",
"url": "https://bugzilla.suse.com/1222787"
},
{
"category": "self",
"summary": "SUSE Bug 1222790",
"url": "https://bugzilla.suse.com/1222790"
},
{
"category": "self",
"summary": "SUSE Bug 1222793",
"url": "https://bugzilla.suse.com/1222793"
},
{
"category": "self",
"summary": "SUSE Bug 1222812",
"url": "https://bugzilla.suse.com/1222812"
},
{
"category": "self",
"summary": "SUSE Bug 1222836",
"url": "https://bugzilla.suse.com/1222836"
},
{
"category": "self",
"summary": "SUSE Bug 1222869",
"url": "https://bugzilla.suse.com/1222869"
},
{
"category": "self",
"summary": "SUSE Bug 1222876",
"url": "https://bugzilla.suse.com/1222876"
},
{
"category": "self",
"summary": "SUSE Bug 1222878",
"url": "https://bugzilla.suse.com/1222878"
},
{
"category": "self",
"summary": "SUSE Bug 1222881",
"url": "https://bugzilla.suse.com/1222881"
},
{
"category": "self",
"summary": "SUSE Bug 1222883",
"url": "https://bugzilla.suse.com/1222883"
},
{
"category": "self",
"summary": "SUSE Bug 1222888",
"url": "https://bugzilla.suse.com/1222888"
},
{
"category": "self",
"summary": "SUSE Bug 1222952",
"url": "https://bugzilla.suse.com/1222952"
},
{
"category": "self",
"summary": "SUSE Bug 1222961",
"url": "https://bugzilla.suse.com/1222961"
},
{
"category": "self",
"summary": "SUSE Bug 1222975",
"url": "https://bugzilla.suse.com/1222975"
},
{
"category": "self",
"summary": "SUSE Bug 1222976",
"url": "https://bugzilla.suse.com/1222976"
},
{
"category": "self",
"summary": "SUSE Bug 1223016",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "self",
"summary": "SUSE Bug 1223035",
"url": "https://bugzilla.suse.com/1223035"
},
{
"category": "self",
"summary": "SUSE Bug 1223049",
"url": "https://bugzilla.suse.com/1223049"
},
{
"category": "self",
"summary": "SUSE Bug 1223051",
"url": "https://bugzilla.suse.com/1223051"
},
{
"category": "self",
"summary": "SUSE Bug 1223057",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "self",
"summary": "SUSE Bug 1223058",
"url": "https://bugzilla.suse.com/1223058"
},
{
"category": "self",
"summary": "SUSE Bug 1223060",
"url": "https://bugzilla.suse.com/1223060"
},
{
"category": "self",
"summary": "SUSE Bug 1223119",
"url": "https://bugzilla.suse.com/1223119"
},
{
"category": "self",
"summary": "SUSE Bug 1223187",
"url": "https://bugzilla.suse.com/1223187"
},
{
"category": "self",
"summary": "SUSE Bug 1223189",
"url": "https://bugzilla.suse.com/1223189"
},
{
"category": "self",
"summary": "SUSE Bug 1223198",
"url": "https://bugzilla.suse.com/1223198"
},
{
"category": "self",
"summary": "SUSE Bug 1223203",
"url": "https://bugzilla.suse.com/1223203"
},
{
"category": "self",
"summary": "SUSE Bug 1223315",
"url": "https://bugzilla.suse.com/1223315"
},
{
"category": "self",
"summary": "SUSE Bug 1223432",
"url": "https://bugzilla.suse.com/1223432"
},
{
"category": "self",
"summary": "SUSE Bug 1223509",
"url": "https://bugzilla.suse.com/1223509"
},
{
"category": "self",
"summary": "SUSE Bug 1223512",
"url": "https://bugzilla.suse.com/1223512"
},
{
"category": "self",
"summary": "SUSE Bug 1223513",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "self",
"summary": "SUSE Bug 1223516",
"url": "https://bugzilla.suse.com/1223516"
},
{
"category": "self",
"summary": "SUSE Bug 1223518",
"url": "https://bugzilla.suse.com/1223518"
},
{
"category": "self",
"summary": "SUSE Bug 1223539",
"url": "https://bugzilla.suse.com/1223539"
},
{
"category": "self",
"summary": "SUSE Bug 1223540",
"url": "https://bugzilla.suse.com/1223540"
},
{
"category": "self",
"summary": "SUSE Bug 1223626",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "self",
"summary": "SUSE Bug 1223627",
"url": "https://bugzilla.suse.com/1223627"
},
{
"category": "self",
"summary": "SUSE Bug 1223664",
"url": "https://bugzilla.suse.com/1223664"
},
{
"category": "self",
"summary": "SUSE Bug 1223686",
"url": "https://bugzilla.suse.com/1223686"
},
{
"category": "self",
"summary": "SUSE Bug 1223693",
"url": "https://bugzilla.suse.com/1223693"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223715",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "self",
"summary": "SUSE Bug 1223735",
"url": "https://bugzilla.suse.com/1223735"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223745",
"url": "https://bugzilla.suse.com/1223745"
},
{
"category": "self",
"summary": "SUSE Bug 1223770",
"url": "https://bugzilla.suse.com/1223770"
},
{
"category": "self",
"summary": "SUSE Bug 1223781",
"url": "https://bugzilla.suse.com/1223781"
},
{
"category": "self",
"summary": "SUSE Bug 1223802",
"url": "https://bugzilla.suse.com/1223802"
},
{
"category": "self",
"summary": "SUSE Bug 1223819",
"url": "https://bugzilla.suse.com/1223819"
},
{
"category": "self",
"summary": "SUSE Bug 1223824",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "self",
"summary": "SUSE Bug 1223827",
"url": "https://bugzilla.suse.com/1223827"
},
{
"category": "self",
"summary": "SUSE Bug 1223837",
"url": "https://bugzilla.suse.com/1223837"
},
{
"category": "self",
"summary": "SUSE Bug 1223842",
"url": "https://bugzilla.suse.com/1223842"
},
{
"category": "self",
"summary": "SUSE Bug 1223843",
"url": "https://bugzilla.suse.com/1223843"
},
{
"category": "self",
"summary": "SUSE Bug 1223844",
"url": "https://bugzilla.suse.com/1223844"
},
{
"category": "self",
"summary": "SUSE Bug 1223883",
"url": "https://bugzilla.suse.com/1223883"
},
{
"category": "self",
"summary": "SUSE Bug 1223885",
"url": "https://bugzilla.suse.com/1223885"
},
{
"category": "self",
"summary": "SUSE Bug 1223921",
"url": "https://bugzilla.suse.com/1223921"
},
{
"category": "self",
"summary": "SUSE Bug 1223923",
"url": "https://bugzilla.suse.com/1223923"
},
{
"category": "self",
"summary": "SUSE Bug 1223931",
"url": "https://bugzilla.suse.com/1223931"
},
{
"category": "self",
"summary": "SUSE Bug 1223941",
"url": "https://bugzilla.suse.com/1223941"
},
{
"category": "self",
"summary": "SUSE Bug 1223952",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "self",
"summary": "SUSE Bug 1223953",
"url": "https://bugzilla.suse.com/1223953"
},
{
"category": "self",
"summary": "SUSE Bug 1223954",
"url": "https://bugzilla.suse.com/1223954"
},
{
"category": "self",
"summary": "SUSE Bug 1223969",
"url": "https://bugzilla.suse.com/1223969"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-25160 page",
"url": "https://www.suse.com/security/cve/CVE-2019-25160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36312 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23134 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46904 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46905 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46938 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46939 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46941 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46950 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46955 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46958 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46960 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46963 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46964 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46966 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46981 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46988 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46990 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46998 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47006 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47015 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47024 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47034 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47045 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47049 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47055 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47056 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47060 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47061 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47063 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47068 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47070 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47071 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47073 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47100 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47101 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47104 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47110 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47112 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47113 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47114 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47117 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47118 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47119 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47131 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47141 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47142 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47143 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47146 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47149 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47150 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47153 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47159 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47161 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47165 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47166 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47167 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47168 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47169 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47171 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47173 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47177 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47179 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47180 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47181 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47182 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47183 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47184 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47185 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47188 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47189 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47198 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47202 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47204 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47205 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47207 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47211 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47216 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47217 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0487 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48619 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48626 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48636 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48650 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48651 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48667 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48668 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48672 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48687 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48688 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48695 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48701 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48702 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28746 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-35827 page",
"url": "https://www.suse.com/security/cve/CVE-2023-35827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4881 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52454 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52469 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52470 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52474 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52476 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52477 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52486 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52488 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52509 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52524 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52528 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52575 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52583 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52587 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52595 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52598 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52607 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52607/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52614 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52620 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52628 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52635 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52639 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52644 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52646 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52650 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52652 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6356 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6535 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6536 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7192 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0639 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2201 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-22099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-22099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26642 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26651 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26671 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26675 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26689 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26704 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26743 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26744 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26747 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26754 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26771 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26772 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26773 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26778 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26779 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26793 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26816 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26839 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26859 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26876 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26907 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27043 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27046 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27075 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-05-14T13:38:57Z",
"generator": {
"date": "2024-05-14T13:38:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1643-1",
"initial_release_date": "2024-05-14T13:38:57Z",
"revision_history": [
{
"date": "2024-05-14T13:38:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.182.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.182.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.182.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.182.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.182.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.182.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.182.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.182.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.182.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.182.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.182.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.182.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.182.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.182.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.182.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.182.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.182.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.182.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.182.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.182.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.182.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.182.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.182.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.182.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.182.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.182.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.182.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.182.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.182.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.182.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.182.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.182.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.182.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.182.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.182.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.182.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.182.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.182.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.182.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.182.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.182.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.182.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.182.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.182.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.182.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.182.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.182.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-25160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: fix out-of-bounds memory accesses\n\nThere are two array out-of-bounds memory accesses, one in\ncipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both\nerrors are embarassingly simple, and the fixes are straightforward.\n\nAs a FYI for anyone backporting this patch to kernels prior to v4.8,\nyou\u0027ll want to apply the netlbl_bitmap_walk() patch to\ncipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn\u0027t exist before\nLinux v4.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-25160",
"url": "https://www.suse.com/security/cve/CVE-2019-25160"
},
{
"category": "external",
"summary": "SUSE Bug 1220394 for CVE-2019-25160",
"url": "https://bugzilla.suse.com/1220394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2019-25160"
},
{
"cve": "CVE-2020-36312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36312"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36312",
"url": "https://www.suse.com/security/cve/CVE-2020-36312"
},
{
"category": "external",
"summary": "SUSE Bug 1184509 for CVE-2020-36312",
"url": "https://bugzilla.suse.com/1184509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "low"
}
],
"title": "CVE-2020-36312"
},
{
"cve": "CVE-2021-23134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23134"
}
],
"notes": [
{
"category": "general",
"text": "Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23134",
"url": "https://www.suse.com/security/cve/CVE-2021-23134"
},
{
"category": "external",
"summary": "SUSE Bug 1186060 for CVE-2021-23134",
"url": "https://bugzilla.suse.com/1186060"
},
{
"category": "external",
"summary": "SUSE Bug 1186061 for CVE-2021-23134",
"url": "https://bugzilla.suse.com/1186061"
},
{
"category": "external",
"summary": "SUSE Bug 1220739 for CVE-2021-23134",
"url": "https://bugzilla.suse.com/1220739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2021-23134"
},
{
"cve": "CVE-2021-46904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hso: fix null-ptr-deref during tty device unregistration\n\nMultiple ttys try to claim the same the minor number causing a double\nunregistration of the same device. The first unregistration succeeds\nbut the next one results in a null-ptr-deref.\n\nThe get_free_serial_index() function returns an available minor number\nbut doesn\u0027t assign it immediately. The assignment is done by the caller\nlater. But before this assignment, calls to get_free_serial_index()\nwould return the same minor number.\n\nFix this by modifying get_free_serial_index to assign the minor number\nimmediately after one is found to be and rename it to obtain_minor()\nto better reflect what it does. Similary, rename set_serial_by_index()\nto release_minor() and modify it to free up the minor number of the\ngiven hso_serial. Every obtain_minor() should have corresponding\nrelease_minor() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46904",
"url": "https://www.suse.com/security/cve/CVE-2021-46904"
},
{
"category": "external",
"summary": "SUSE Bug 1220416 for CVE-2021-46904",
"url": "https://bugzilla.suse.com/1220416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46904"
},
{
"cve": "CVE-2021-46905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hso: fix NULL-deref on disconnect regression\n\nCommit 8a12f8836145 (\"net: hso: fix null-ptr-deref during tty device\nunregistration\") fixed the racy minor allocation reported by syzbot, but\nintroduced an unconditional NULL-pointer dereference on every disconnect\ninstead.\n\nSpecifically, the serial device table must no longer be accessed after\nthe minor has been released by hso_serial_tty_unregister().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46905",
"url": "https://www.suse.com/security/cve/CVE-2021-46905"
},
{
"category": "external",
"summary": "SUSE Bug 1220418 for CVE-2021-46905",
"url": "https://bugzilla.suse.com/1220418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46905"
},
{
"cve": "CVE-2021-46909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: footbridge: fix PCI interrupt mapping\n\nSince commit 30fdfb929e82 (\"PCI: Add a call to pci_assign_irq() in\npci_device_probe()\"), the PCI code will call the IRQ mapping function\nwhenever a PCI driver is probed. If these are marked as __init, this\ncauses an oops if a PCI driver is loaded or bound after the kernel has\ninitialised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46909",
"url": "https://www.suse.com/security/cve/CVE-2021-46909"
},
{
"category": "external",
"summary": "SUSE Bug 1220442 for CVE-2021-46909",
"url": "https://bugzilla.suse.com/1220442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46909"
},
{
"cve": "CVE-2021-46938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm rq: fix double free of blk_mq_tag_set in dev remove after table load fails\n\nWhen loading a device-mapper table for a request-based mapped device,\nand the allocation/initialization of the blk_mq_tag_set for the device\nfails, a following device remove will cause a double free.\n\nE.g. (dmesg):\n device-mapper: core: Cannot initialize queue for request-based dm-mq mapped device\n device-mapper: ioctl: unable to set up device queue for new table.\n Unable to handle kernel pointer dereference in virtual kernel address space\n Failing address: 0305e098835de000 TEID: 0305e098835de803\n Fault in home space mode while using kernel ASCE.\n AS:000000025efe0007 R3:0000000000000024\n Oops: 0038 ilc:3 [#1] SMP\n Modules linked in: ... lots of modules ...\n Supported: Yes, External\n CPU: 0 PID: 7348 Comm: multipathd Kdump: loaded Tainted: G W X 5.3.18-53-default #1 SLE15-SP3\n Hardware name: IBM 8561 T01 7I2 (LPAR)\n Krnl PSW : 0704e00180000000 000000025e368eca (kfree+0x42/0x330)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\n Krnl GPRS: 000000000000004a 000000025efe5230 c1773200d779968d 0000000000000000\n 000000025e520270 000000025e8d1b40 0000000000000003 00000007aae10000\n 000000025e5202a2 0000000000000001 c1773200d779968d 0305e098835de640\n 00000007a8170000 000003ff80138650 000000025e5202a2 000003e00396faa8\n Krnl Code: 000000025e368eb8: c4180041e100 lgrl %r1,25eba50b8\n 000000025e368ebe: ecba06b93a55 risbg %r11,%r10,6,185,58\n #000000025e368ec4: e3b010000008 ag %r11,0(%r1)\n \u003e000000025e368eca: e310b0080004 lg %r1,8(%r11)\n 000000025e368ed0: a7110001 tmll %r1,1\n 000000025e368ed4: a7740129 brc 7,25e369126\n 000000025e368ed8: e320b0080004 lg %r2,8(%r11)\n 000000025e368ede: b904001b lgr %r1,%r11\n Call Trace:\n [\u003c000000025e368eca\u003e] kfree+0x42/0x330\n [\u003c000000025e5202a2\u003e] blk_mq_free_tag_set+0x72/0xb8\n [\u003c000003ff801316a8\u003e] dm_mq_cleanup_mapped_device+0x38/0x50 [dm_mod]\n [\u003c000003ff80120082\u003e] free_dev+0x52/0xd0 [dm_mod]\n [\u003c000003ff801233f0\u003e] __dm_destroy+0x150/0x1d0 [dm_mod]\n [\u003c000003ff8012bb9a\u003e] dev_remove+0x162/0x1c0 [dm_mod]\n [\u003c000003ff8012a988\u003e] ctl_ioctl+0x198/0x478 [dm_mod]\n [\u003c000003ff8012ac8a\u003e] dm_ctl_ioctl+0x22/0x38 [dm_mod]\n [\u003c000000025e3b11ee\u003e] ksys_ioctl+0xbe/0xe0\n [\u003c000000025e3b127a\u003e] __s390x_sys_ioctl+0x2a/0x40\n [\u003c000000025e8c15ac\u003e] system_call+0xd8/0x2c8\n Last Breaking-Event-Address:\n [\u003c000000025e52029c\u003e] blk_mq_free_tag_set+0x6c/0xb8\n Kernel panic - not syncing: Fatal exception: panic_on_oops\n\nWhen allocation/initialization of the blk_mq_tag_set fails in\ndm_mq_init_request_queue(), it is uninitialized/freed, but the pointer\nis not reset to NULL; so when dev_remove() later gets into\ndm_mq_cleanup_mapped_device() it sees the pointer and tries to\nuninitialize and free it again.\n\nFix this by setting the pointer to NULL in dm_mq_init_request_queue()\nerror-handling. Also set it to NULL in dm_mq_cleanup_mapped_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46938",
"url": "https://www.suse.com/security/cve/CVE-2021-46938"
},
{
"category": "external",
"summary": "SUSE Bug 1220554 for CVE-2021-46938",
"url": "https://bugzilla.suse.com/1220554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46938"
},
{
"cve": "CVE-2021-46939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46939"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Restructure trace_clock_global() to never block\n\nIt was reported that a fix to the ring buffer recursion detection would\ncause a hung machine when performing suspend / resume testing. The\nfollowing backtrace was extracted from debugging that case:\n\nCall Trace:\n trace_clock_global+0x91/0xa0\n __rb_reserve_next+0x237/0x460\n ring_buffer_lock_reserve+0x12a/0x3f0\n trace_buffer_lock_reserve+0x10/0x50\n __trace_graph_return+0x1f/0x80\n trace_graph_return+0xb7/0xf0\n ? trace_clock_global+0x91/0xa0\n ftrace_return_to_handler+0x8b/0xf0\n ? pv_hash+0xa0/0xa0\n return_to_handler+0x15/0x30\n ? ftrace_graph_caller+0xa0/0xa0\n ? trace_clock_global+0x91/0xa0\n ? __rb_reserve_next+0x237/0x460\n ? ring_buffer_lock_reserve+0x12a/0x3f0\n ? trace_event_buffer_lock_reserve+0x3c/0x120\n ? trace_event_buffer_reserve+0x6b/0xc0\n ? trace_event_raw_event_device_pm_callback_start+0x125/0x2d0\n ? dpm_run_callback+0x3b/0xc0\n ? pm_ops_is_empty+0x50/0x50\n ? platform_get_irq_byname_optional+0x90/0x90\n ? trace_device_pm_callback_start+0x82/0xd0\n ? dpm_run_callback+0x49/0xc0\n\nWith the following RIP:\n\nRIP: 0010:native_queued_spin_lock_slowpath+0x69/0x200\n\nSince the fix to the recursion detection would allow a single recursion to\nhappen while tracing, this lead to the trace_clock_global() taking a spin\nlock and then trying to take it again:\n\nring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* lock taken */\n (something else gets traced by function graph tracer)\n ring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* DEAD LOCK! */\n\nTracing should *never* block, as it can lead to strange lockups like the\nabove.\n\nRestructure the trace_clock_global() code to instead of simply taking a\nlock to update the recorded \"prev_time\" simply use it, as two events\nhappening on two different CPUs that calls this at the same time, really\ndoesn\u0027t matter which one goes first. Use a trylock to grab the lock for\nupdating the prev_time, and if it fails, simply try again the next time.\nIf it failed to be taken, that means something else is already updating\nit.\n\n\nBugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=212761",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46939",
"url": "https://www.suse.com/security/cve/CVE-2021-46939"
},
{
"category": "external",
"summary": "SUSE Bug 1220580 for CVE-2021-46939",
"url": "https://bugzilla.suse.com/1220580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46939"
},
{
"cve": "CVE-2021-46941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: core: Do core softreset when switch mode\n\n\nAccording to the programming guide, to switch mode for DRD controller,\nthe driver needs to do the following.\n\nTo switch from device to host:\n1. Reset controller with GCTL.CoreSoftReset\n2. Set GCTL.PrtCapDir(host mode)\n3. Reset the host with USBCMD.HCRESET\n4. Then follow up with the initializing host registers sequence\n\nTo switch from host to device:\n1. Reset controller with GCTL.CoreSoftReset\n2. Set GCTL.PrtCapDir(device mode)\n3. Reset the device with DCTL.CSftRst\n4. Then follow up with the initializing registers sequence\n\nCurrently we\u0027re missing step 1) to do GCTL.CoreSoftReset and step 3) of\nswitching from host to device. John Stult reported a lockup issue seen\nwith HiKey960 platform without these steps[1]. Similar issue is observed\nwith Ferry\u0027s testing platform[2].\n\nSo, apply the required steps along with some fixes to Yu Chen\u0027s and John\nStultz\u0027s version. The main fixes to their versions are the missing wait\nfor clocks synchronization before clearing GCTL.CoreSoftReset and only\napply DCTL.CSftRst when switching from host to device.\n\n[1] https://lore.kernel.org/linux-usb/20210108015115.27920-1-john.stultz@linaro.org/\n[2] https://lore.kernel.org/linux-usb/0ba7a6ba-e6a7-9cd4-0695-64fc927e01f1@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46941",
"url": "https://www.suse.com/security/cve/CVE-2021-46941"
},
{
"category": "external",
"summary": "SUSE Bug 1220628 for CVE-2021-46941",
"url": "https://bugzilla.suse.com/1220628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46941"
},
{
"cve": "CVE-2021-46950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: properly indicate failure when ending a failed write request\n\nThis patch addresses a data corruption bug in raid1 arrays using bitmaps.\nWithout this fix, the bitmap bits for the failed I/O end up being cleared.\n\nSince we are in the failure leg of raid1_end_write_request, the request\neither needs to be retried (R1BIO_WriteError) or failed (R1BIO_Degraded).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46950",
"url": "https://www.suse.com/security/cve/CVE-2021-46950"
},
{
"category": "external",
"summary": "SUSE Bug 1220662 for CVE-2021-46950",
"url": "https://bugzilla.suse.com/1220662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46950"
},
{
"cve": "CVE-2021-46955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix stack OOB read while fragmenting IPv4 packets\n\nrunning openvswitch on kernels built with KASAN, it\u0027s possible to see the\nfollowing splat while testing fragmentation of IPv4 packets:\n\n BUG: KASAN: stack-out-of-bounds in ip_do_fragment+0x1b03/0x1f60\n Read of size 1 at addr ffff888112fc713c by task handler2/1367\n\n CPU: 0 PID: 1367 Comm: handler2 Not tainted 5.12.0-rc6+ #418\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n Call Trace:\n dump_stack+0x92/0xc1\n print_address_description.constprop.7+0x1a/0x150\n kasan_report.cold.13+0x7f/0x111\n ip_do_fragment+0x1b03/0x1f60\n ovs_fragment+0x5bf/0x840 [openvswitch]\n do_execute_actions+0x1bd5/0x2400 [openvswitch]\n ovs_execute_actions+0xc8/0x3d0 [openvswitch]\n ovs_packet_cmd_execute+0xa39/0x1150 [openvswitch]\n genl_family_rcv_msg_doit.isra.15+0x227/0x2d0\n genl_rcv_msg+0x287/0x490\n netlink_rcv_skb+0x120/0x380\n genl_rcv+0x24/0x40\n netlink_unicast+0x439/0x630\n netlink_sendmsg+0x719/0xbf0\n sock_sendmsg+0xe2/0x110\n ____sys_sendmsg+0x5ba/0x890\n ___sys_sendmsg+0xe9/0x160\n __sys_sendmsg+0xd3/0x170\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f957079db07\n Code: c3 66 90 41 54 41 89 d4 55 48 89 f5 53 89 fb 48 83 ec 10 e8 eb ec ff ff 44 89 e2 48 89 ee 89 df 41 89 c0 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 24 ed ff ff 48\n RSP: 002b:00007f956ce35a50 EFLAGS: 00000293 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 00007f957079db07\n RDX: 0000000000000000 RSI: 00007f956ce35ae0 RDI: 0000000000000019\n RBP: 00007f956ce35ae0 R08: 0000000000000000 R09: 00007f9558006730\n R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\n R13: 00007f956ce37308 R14: 00007f956ce35f80 R15: 00007f956ce35ae0\n\n The buggy address belongs to the page:\n page:00000000af2a1d93 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112fc7\n flags: 0x17ffffc0000000()\n raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n addr ffff888112fc713c is located in stack of task handler2/1367 at offset 180 in frame:\n ovs_fragment+0x0/0x840 [openvswitch]\n\n this frame has 2 objects:\n [32, 144) \u0027ovs_dst\u0027\n [192, 424) \u0027ovs_rt\u0027\n\n Memory state around the buggy address:\n ffff888112fc7000: f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7080: 00 f1 f1 f1 f1 00 00 00 00 00 00 00 00 00 00 00\n \u003effff888112fc7100: 00 00 00 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00\n ^\n ffff888112fc7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7200: 00 00 00 00 00 00 f2 f2 f2 00 00 00 00 00 00 00\n\nfor IPv4 packets, ovs_fragment() uses a temporary struct dst_entry. Then,\nin the following call graph:\n\n ip_do_fragment()\n ip_skb_dst_mtu()\n ip_dst_mtu_maybe_forward()\n ip_mtu_locked()\n\nthe pointer to struct dst_entry is used as pointer to struct rtable: this\nturns the access to struct members like rt_mtu_locked into an OOB read in\nthe stack. Fix this changing the temporary variable used for IPv4 packets\nin ovs_fragment(), similarly to what is done for IPv6 few lines below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46955",
"url": "https://www.suse.com/security/cve/CVE-2021-46955"
},
{
"category": "external",
"summary": "SUSE Bug 1220513 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220513"
},
{
"category": "external",
"summary": "SUSE Bug 1220537 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2021-46955"
},
{
"cve": "CVE-2021-46958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between transaction aborts and fsyncs leading to use-after-free\n\nThere is a race between a task aborting a transaction during a commit,\na task doing an fsync and the transaction kthread, which leads to an\nuse-after-free of the log root tree. When this happens, it results in a\nstack trace like the following:\n\n BTRFS info (device dm-0): forced readonly\n BTRFS warning (device dm-0): Skipping commit of aborted transaction.\n BTRFS: error (device dm-0) in cleanup_transaction:1958: errno=-5 IO failure\n BTRFS warning (device dm-0): lost page write due to IO error on /dev/mapper/error-test (-5)\n BTRFS warning (device dm-0): Skipping commit of aborted transaction.\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0xa4e8 len 4096 err no 10\n BTRFS error (device dm-0): error writing primary super block to device 1\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e000 len 4096 err no 10\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e008 len 4096 err no 10\n BTRFS warning (device dm-0): direct IO failed ino 261 rw 0,0 sector 0x12e010 len 4096 err no 10\n BTRFS: error (device dm-0) in write_all_supers:4110: errno=-5 IO failure (1 errors while writing supers)\n BTRFS: error (device dm-0) in btrfs_sync_log:3308: errno=-5 IO failure\n general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b68: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC PTI\n CPU: 2 PID: 2458471 Comm: fsstress Not tainted 5.12.0-rc5-btrfs-next-84 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__mutex_lock+0x139/0xa40\n Code: c0 74 19 (...)\n RSP: 0018:ffff9f18830d7b00 EFLAGS: 00010202\n RAX: 6b6b6b6b6b6b6b68 RBX: 0000000000000001 RCX: 0000000000000002\n RDX: ffffffffb9c54d13 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffff9f18830d7bc0 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff9f18830d7be0 R11: 0000000000000001 R12: ffff8c6cd199c040\n R13: ffff8c6c95821358 R14: 00000000fffffffb R15: ffff8c6cbcf01358\n FS: 00007fa9140c2b80(0000) GS:ffff8c6fac600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fa913d52000 CR3: 000000013d2b4003 CR4: 0000000000370ee0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n ? __btrfs_handle_fs_error+0xde/0x146 [btrfs]\n ? btrfs_sync_log+0x7c1/0xf20 [btrfs]\n ? btrfs_sync_log+0x7c1/0xf20 [btrfs]\n btrfs_sync_log+0x7c1/0xf20 [btrfs]\n btrfs_sync_file+0x40c/0x580 [btrfs]\n do_fsync+0x38/0x70\n __x64_sys_fsync+0x10/0x20\n do_syscall_64+0x33/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7fa9142a55c3\n Code: 8b 15 09 (...)\n RSP: 002b:00007fff26278d48 EFLAGS: 00000246 ORIG_RAX: 000000000000004a\n RAX: ffffffffffffffda RBX: 0000563c83cb4560 RCX: 00007fa9142a55c3\n RDX: 00007fff26278cb0 RSI: 00007fff26278cb0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 0000000000000001 R09: 00007fff26278d5c\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000340\n R13: 00007fff26278de0 R14: 00007fff26278d96 R15: 0000563c83ca57c0\n Modules linked in: btrfs dm_zero dm_snapshot dm_thin_pool (...)\n ---[ end trace ee2f1b19327d791d ]---\n\nThe steps that lead to this crash are the following:\n\n1) We are at transaction N;\n\n2) We have two tasks with a transaction handle attached to transaction N.\n Task A and Task B. Task B is doing an fsync;\n\n3) Task B is at btrfs_sync_log(), and has saved fs_info-\u003elog_root_tree\n into a local variable named \u0027log_root_tree\u0027 at the top of\n btrfs_sync_log(). Task B is about to call write_all_supers(), but\n before that...\n\n4) Task A calls btrfs_commit_transaction(), and after it sets the\n transaction state to TRANS_STATE_COMMIT_START, an error happens before\n it w\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46958",
"url": "https://www.suse.com/security/cve/CVE-2021-46958"
},
{
"category": "external",
"summary": "SUSE Bug 1220521 for CVE-2021-46958",
"url": "https://bugzilla.suse.com/1220521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46958"
},
{
"cve": "CVE-2021-46960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Return correct error code from smb2_get_enc_key\n\nAvoid a warning if the error percolates back up:\n\n[440700.376476] CIFS VFS: \\\\otters.example.com crypt_message: Could not get encryption key\n[440700.386947] ------------[ cut here ]------------\n[440700.386948] err = 1\n[440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70\n...\n[440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu\n...\n[440700.397334] Call Trace:\n[440700.397346] __filemap_set_wb_err+0x1a/0x70\n[440700.397419] cifs_writepages+0x9c7/0xb30 [cifs]\n[440700.397426] do_writepages+0x4b/0xe0\n[440700.397444] __filemap_fdatawrite_range+0xcb/0x100\n[440700.397455] filemap_write_and_wait+0x42/0xa0\n[440700.397486] cifs_setattr+0x68b/0xf30 [cifs]\n[440700.397493] notify_change+0x358/0x4a0\n[440700.397500] utimes_common+0xe9/0x1c0\n[440700.397510] do_utimes+0xc5/0x150\n[440700.397520] __x64_sys_utimensat+0x88/0xd0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46960",
"url": "https://www.suse.com/security/cve/CVE-2021-46960"
},
{
"category": "external",
"summary": "SUSE Bug 1220528 for CVE-2021-46960",
"url": "https://bugzilla.suse.com/1220528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46960"
},
{
"cve": "CVE-2021-46963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()\n\n RIP: 0010:kmem_cache_free+0xfa/0x1b0\n Call Trace:\n qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx]\n scsi_queue_rq+0x5e2/0xa40\n __blk_mq_try_issue_directly+0x128/0x1d0\n blk_mq_request_issue_directly+0x4e/0xb0\n\nFix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now\nallocated by upper layers. This fixes smatch warning of srb unintended\nfree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46963",
"url": "https://www.suse.com/security/cve/CVE-2021-46963"
},
{
"category": "external",
"summary": "SUSE Bug 1220536 for CVE-2021-46963",
"url": "https://bugzilla.suse.com/1220536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46963"
},
{
"cve": "CVE-2021-46964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Reserve extra IRQ vectors\n\nCommit a6dcfe08487e (\"scsi: qla2xxx: Limit interrupt vectors to number of\nCPUs\") lowers the number of allocated MSI-X vectors to the number of CPUs.\n\nThat breaks vector allocation assumptions in qla83xx_iospace_config(),\nqla24xx_enable_msix() and qla2x00_iospace_config(). Either of the functions\ncomputes maximum number of qpairs as:\n\n ha-\u003emax_qpairs = ha-\u003emsix_count - 1 (MB interrupt) - 1 (default\n response queue) - 1 (ATIO, in dual or pure target mode)\n\nmax_qpairs is set to zero in case of two CPUs and initiator mode. The\nnumber is then used to allocate ha-\u003equeue_pair_map inside\nqla2x00_alloc_queues(). No allocation happens and ha-\u003equeue_pair_map is\nleft NULL but the driver thinks there are queue pairs available.\n\nqla2xxx_queuecommand() tries to find a qpair in the map and crashes:\n\n if (ha-\u003emqenable) {\n uint32_t tag;\n uint16_t hwq;\n struct qla_qpair *qpair = NULL;\n\n tag = blk_mq_unique_tag(cmd-\u003erequest);\n hwq = blk_mq_unique_tag_to_hwq(tag);\n qpair = ha-\u003equeue_pair_map[hwq]; # \u003c- HERE\n\n if (qpair)\n return qla2xxx_mqueuecommand(host, cmd, qpair);\n }\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP PTI\n CPU: 0 PID: 72 Comm: kworker/u4:3 Tainted: G W 5.10.0-rc1+ #25\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014\n Workqueue: scsi_wq_7 fc_scsi_scan_rport [scsi_transport_fc]\n RIP: 0010:qla2xxx_queuecommand+0x16b/0x3f0 [qla2xxx]\n Call Trace:\n scsi_queue_rq+0x58c/0xa60\n blk_mq_dispatch_rq_list+0x2b7/0x6f0\n ? __sbitmap_get_word+0x2a/0x80\n __blk_mq_sched_dispatch_requests+0xb8/0x170\n blk_mq_sched_dispatch_requests+0x2b/0x50\n __blk_mq_run_hw_queue+0x49/0xb0\n __blk_mq_delay_run_hw_queue+0xfb/0x150\n blk_mq_sched_insert_request+0xbe/0x110\n blk_execute_rq+0x45/0x70\n __scsi_execute+0x10e/0x250\n scsi_probe_and_add_lun+0x228/0xda0\n __scsi_scan_target+0xf4/0x620\n ? __pm_runtime_resume+0x4f/0x70\n scsi_scan_target+0x100/0x110\n fc_scsi_scan_rport+0xa1/0xb0 [scsi_transport_fc]\n process_one_work+0x1ea/0x3b0\n worker_thread+0x28/0x3b0\n ? process_one_work+0x3b0/0x3b0\n kthread+0x112/0x130\n ? kthread_park+0x80/0x80\n ret_from_fork+0x22/0x30\n\nThe driver should allocate enough vectors to provide every CPU it\u0027s own HW\nqueue and still handle reserved (MB, RSP, ATIO) interrupts.\n\nThe change fixes the crash on dual core VM and prevents unbalanced QP\nallocation where nr_hw_queues is two less than the number of CPUs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46964",
"url": "https://www.suse.com/security/cve/CVE-2021-46964"
},
{
"category": "external",
"summary": "SUSE Bug 1220538 for CVE-2021-46964",
"url": "https://bugzilla.suse.com/1220538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46964"
},
{
"cve": "CVE-2021-46966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: custom_method: fix potential use-after-free issue\n\nIn cm_write(), buf is always freed when reaching the end of the\nfunction. If the requested count is less than table.length, the\nallocated buffer will be freed but subsequent calls to cm_write() will\nstill try to access it.\n\nRemove the unconditional kfree(buf) at the end of the function and\nset the buf to NULL in the -EINVAL error path to match the rest of\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46966",
"url": "https://www.suse.com/security/cve/CVE-2021-46966"
},
{
"category": "external",
"summary": "SUSE Bug 1220572 for CVE-2021-46966",
"url": "https://bugzilla.suse.com/1220572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46966"
},
{
"cve": "CVE-2021-46981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: Fix NULL pointer in flush_workqueue\n\nOpen /dev/nbdX first, the config_refs will be 1 and\nthe pointers in nbd_device are still null. Disconnect\n/dev/nbdX, then reference a null recv_workq. The\nprotection by config_refs in nbd_genl_disconnect is useless.\n\n[ 656.366194] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 656.368943] #PF: supervisor write access in kernel mode\n[ 656.369844] #PF: error_code(0x0002) - not-present page\n[ 656.370717] PGD 10cc87067 P4D 10cc87067 PUD 1074b4067 PMD 0\n[ 656.371693] Oops: 0002 [#1] SMP\n[ 656.372242] CPU: 5 PID: 7977 Comm: nbd-client Not tainted 5.11.0-rc5-00040-g76c057c84d28 #1\n[ 656.373661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014\n[ 656.375904] RIP: 0010:mutex_lock+0x29/0x60\n[ 656.376627] Code: 00 0f 1f 44 00 00 55 48 89 fd 48 83 05 6f d7 fe 08 01 e8 7a c3 ff ff 48 83 05 6a d7 fe 08 01 31 c0 65 48 8b 14 25 00 6d 01 00 \u003cf0\u003e 48 0f b1 55 d\n[ 656.378934] RSP: 0018:ffffc900005eb9b0 EFLAGS: 00010246\n[ 656.379350] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[ 656.379915] RDX: ffff888104cf2600 RSI: ffffffffaae8f452 RDI: 0000000000000020\n[ 656.380473] RBP: 0000000000000020 R08: 0000000000000000 R09: ffff88813bd6b318\n[ 656.381039] R10: 00000000000000c7 R11: fefefefefefefeff R12: ffff888102710b40\n[ 656.381599] R13: ffffc900005eb9e0 R14: ffffffffb2930680 R15: ffff88810770ef00\n[ 656.382166] FS: 00007fdf117ebb40(0000) GS:ffff88813bd40000(0000) knlGS:0000000000000000\n[ 656.382806] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 656.383261] CR2: 0000000000000020 CR3: 0000000100c84000 CR4: 00000000000006e0\n[ 656.383819] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 656.384370] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 656.384927] Call Trace:\n[ 656.385111] flush_workqueue+0x92/0x6c0\n[ 656.385395] nbd_disconnect_and_put+0x81/0xd0\n[ 656.385716] nbd_genl_disconnect+0x125/0x2a0\n[ 656.386034] genl_family_rcv_msg_doit.isra.0+0x102/0x1b0\n[ 656.386422] genl_rcv_msg+0xfc/0x2b0\n[ 656.386685] ? nbd_ioctl+0x490/0x490\n[ 656.386954] ? genl_family_rcv_msg_doit.isra.0+0x1b0/0x1b0\n[ 656.387354] netlink_rcv_skb+0x62/0x180\n[ 656.387638] genl_rcv+0x34/0x60\n[ 656.387874] netlink_unicast+0x26d/0x590\n[ 656.388162] netlink_sendmsg+0x398/0x6c0\n[ 656.388451] ? netlink_rcv_skb+0x180/0x180\n[ 656.388750] ____sys_sendmsg+0x1da/0x320\n[ 656.389038] ? ____sys_recvmsg+0x130/0x220\n[ 656.389334] ___sys_sendmsg+0x8e/0xf0\n[ 656.389605] ? ___sys_recvmsg+0xa2/0xf0\n[ 656.389889] ? handle_mm_fault+0x1671/0x21d0\n[ 656.390201] __sys_sendmsg+0x6d/0xe0\n[ 656.390464] __x64_sys_sendmsg+0x23/0x30\n[ 656.390751] do_syscall_64+0x45/0x70\n[ 656.391017] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nTo fix it, just add if (nbd-\u003erecv_workq) to nbd_disconnect_and_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46981",
"url": "https://www.suse.com/security/cve/CVE-2021-46981"
},
{
"category": "external",
"summary": "SUSE Bug 1220611 for CVE-2021-46981",
"url": "https://bugzilla.suse.com/1220611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46981"
},
{
"cve": "CVE-2021-46988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: release page in error path to avoid BUG_ON\n\nConsider the following sequence of events:\n\n1. Userspace issues a UFFD ioctl, which ends up calling into\n shmem_mfill_atomic_pte(). We successfully account the blocks, we\n shmem_alloc_page(), but then the copy_from_user() fails. We return\n -ENOENT. We don\u0027t release the page we allocated.\n2. Our caller detects this error code, tries the copy_from_user() after\n dropping the mmap_lock, and retries, calling back into\n shmem_mfill_atomic_pte().\n3. Meanwhile, let\u0027s say another process filled up the tmpfs being used.\n4. So shmem_mfill_atomic_pte() fails to account blocks this time, and\n immediately returns - without releasing the page.\n\nThis triggers a BUG_ON in our caller, which asserts that the page\nshould always be consumed, unless -ENOENT is returned.\n\nTo fix this, detect if we have such a \"dangling\" page when accounting\nfails, and if so, release it before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46988",
"url": "https://www.suse.com/security/cve/CVE-2021-46988"
},
{
"category": "external",
"summary": "SUSE Bug 1220706 for CVE-2021-46988",
"url": "https://bugzilla.suse.com/1220706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46988"
},
{
"cve": "CVE-2021-46990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix crashes when toggling entry flush barrier\n\nThe entry flush mitigation can be enabled/disabled at runtime via a\ndebugfs file (entry_flush), which causes the kernel to patch itself to\nenable/disable the relevant mitigations.\n\nHowever depending on which mitigation we\u0027re using, it may not be safe to\ndo that patching while other CPUs are active. For example the following\ncrash:\n\n sleeper[15639]: segfault (11) at c000000000004c20 nip c000000000004c20 lr c000000000004c20\n\nShows that we returned to userspace with a corrupted LR that points into\nthe kernel, due to executing the partially patched call to the fallback\nentry flush (ie. we missed the LR restore).\n\nFix it by doing the patching under stop machine. The CPUs that aren\u0027t\ndoing the patching will be spinning in the core of the stop machine\nlogic. That is currently sufficient for our purposes, because none of\nthe patching we do is to that code or anywhere in the vicinity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46990",
"url": "https://www.suse.com/security/cve/CVE-2021-46990"
},
{
"category": "external",
"summary": "SUSE Bug 1220743 for CVE-2021-46990",
"url": "https://bugzilla.suse.com/1220743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46990"
},
{
"cve": "CVE-2021-46998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet:enic: Fix a use after free bug in enic_hard_start_xmit\n\nIn enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside\nenic_queue_wq_skb, if some error happens, the skb will be freed\nby dev_kfree_skb(skb). But the freed skb is still used in\nskb_tx_timestamp(skb).\n\nMy patch makes enic_queue_wq_skb() return error and goto spin_unlock()\nincase of error. The solution is provided by Govind.\nSee https://lkml.org/lkml/2021/4/30/961.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46998",
"url": "https://www.suse.com/security/cve/CVE-2021-46998"
},
{
"category": "external",
"summary": "SUSE Bug 1220625 for CVE-2021-46998",
"url": "https://bugzilla.suse.com/1220625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-46998"
},
{
"cve": "CVE-2021-47006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9064/1: hw_breakpoint: Do not directly check the event\u0027s overflow_handler hook\n\nThe commit 1879445dfa7b (\"perf/core: Set event\u0027s default\n::overflow_handler()\") set a default event-\u003eoverflow_handler in\nperf_event_alloc(), and replace the check event-\u003eoverflow_handler with\nis_default_overflow_handler(), but one is missing.\n\nCurrently, the bp-\u003eoverflow_handler can not be NULL. As a result,\nenable_single_step() is always not invoked.\n\nComments from Zhen Lei:\n\n https://patchwork.kernel.org/project/linux-arm-kernel/patch/20210207105934.2001-1-thunder.leizhen@huawei.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47006",
"url": "https://www.suse.com/security/cve/CVE-2021-47006"
},
{
"category": "external",
"summary": "SUSE Bug 1220751 for CVE-2021-47006",
"url": "https://bugzilla.suse.com/1220751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47006"
},
{
"cve": "CVE-2021-47015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix RX consumer index logic in the error path.\n\nIn bnxt_rx_pkt(), the RX buffers are expected to complete in order.\nIf the RX consumer index indicates an out of order buffer completion,\nit means we are hitting a hardware bug and the driver will abort all\nremaining RX packets and reset the RX ring. The RX consumer index\nthat we pass to bnxt_discard_rx() is not correct. We should be\npassing the current index (tmp_raw_cons) instead of the old index\n(raw_cons). This bug can cause us to be at the wrong index when\ntrying to abort the next RX packet. It can crash like this:\n\n #0 [ffff9bbcdf5c39a8] machine_kexec at ffffffff9b05e007\n #1 [ffff9bbcdf5c3a00] __crash_kexec at ffffffff9b111232\n #2 [ffff9bbcdf5c3ad0] panic at ffffffff9b07d61e\n #3 [ffff9bbcdf5c3b50] oops_end at ffffffff9b030978\n #4 [ffff9bbcdf5c3b78] no_context at ffffffff9b06aaf0\n #5 [ffff9bbcdf5c3bd8] __bad_area_nosemaphore at ffffffff9b06ae2e\n #6 [ffff9bbcdf5c3c28] bad_area_nosemaphore at ffffffff9b06af24\n #7 [ffff9bbcdf5c3c38] __do_page_fault at ffffffff9b06b67e\n #8 [ffff9bbcdf5c3cb0] do_page_fault at ffffffff9b06bb12\n #9 [ffff9bbcdf5c3ce0] page_fault at ffffffff9bc015c5\n [exception RIP: bnxt_rx_pkt+237]\n RIP: ffffffffc0259cdd RSP: ffff9bbcdf5c3d98 RFLAGS: 00010213\n RAX: 000000005dd8097f RBX: ffff9ba4cb11b7e0 RCX: ffffa923cf6e9000\n RDX: 0000000000000fff RSI: 0000000000000627 RDI: 0000000000001000\n RBP: ffff9bbcdf5c3e60 R8: 0000000000420003 R9: 000000000000020d\n R10: ffffa923cf6ec138 R11: ffff9bbcdf5c3e83 R12: ffff9ba4d6f928c0\n R13: ffff9ba4cac28080 R14: ffff9ba4cb11b7f0 R15: ffff9ba4d5a30000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47015",
"url": "https://www.suse.com/security/cve/CVE-2021-47015"
},
{
"category": "external",
"summary": "SUSE Bug 1220794 for CVE-2021-47015",
"url": "https://bugzilla.suse.com/1220794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47015"
},
{
"cve": "CVE-2021-47024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: free queued packets when closing socket\n\nAs reported by syzbot [1], there is a memory leak while closing the\nsocket. We partially solved this issue with commit ac03046ece2b\n(\"vsock/virtio: free packets during the socket release\"), but we\nforgot to drain the RX queue when the socket is definitely closed by\nthe scheduled work.\n\nTo avoid future issues, let\u0027s use the new virtio_transport_remove_sock()\nto drain the RX queue before removing the socket from the af_vsock lists\ncalling vsock_remove_sock().\n\n[1] https://syzkaller.appspot.com/bug?extid=24452624fc4c571eedd9",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47024",
"url": "https://www.suse.com/security/cve/CVE-2021-47024"
},
{
"category": "external",
"summary": "SUSE Bug 1220637 for CVE-2021-47024",
"url": "https://bugzilla.suse.com/1220637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47024"
},
{
"cve": "CVE-2021-47034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix pte update for kernel memory on radix\n\nWhen adding a PTE a ptesync is needed to order the update of the PTE\nwith subsequent accesses otherwise a spurious fault may be raised.\n\nradix__set_pte_at() does not do this for performance gains. For\nnon-kernel memory this is not an issue as any faults of this kind are\ncorrected by the page fault handler. For kernel memory these faults\nare not handled. The current solution is that there is a ptesync in\nflush_cache_vmap() which should be called when mapping from the\nvmalloc region.\n\nHowever, map_kernel_page() does not call flush_cache_vmap(). This is\ntroublesome in particular for code patching with Strict RWX on radix.\nIn do_patch_instruction() the page frame that contains the instruction\nto be patched is mapped and then immediately patched. With no ordering\nor synchronization between setting up the PTE and writing to the page\nit is possible for faults.\n\nAs the code patching is done using __put_user_asm_goto() the resulting\nfault is obscured - but using a normal store instead it can be seen:\n\n BUG: Unable to handle kernel data access on write at 0xc008000008f24a3c\n Faulting instruction address: 0xc00000000008bd74\n Oops: Kernel access of bad area, sig: 11 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in: nop_module(PO+) [last unloaded: nop_module]\n CPU: 4 PID: 757 Comm: sh Tainted: P O 5.10.0-rc5-01361-ge3c1b78c8440-dirty #43\n NIP: c00000000008bd74 LR: c00000000008bd50 CTR: c000000000025810\n REGS: c000000016f634a0 TRAP: 0300 Tainted: P O (5.10.0-rc5-01361-ge3c1b78c8440-dirty)\n MSR: 9000000000009033 \u003cSF,HV,EE,ME,IR,DR,RI,LE\u003e CR: 44002884 XER: 00000000\n CFAR: c00000000007c68c DAR: c008000008f24a3c DSISR: 42000000 IRQMASK: 1\n\nThis results in the kind of issue reported here:\n https://lore.kernel.org/linuxppc-dev/15AC5B0E-A221-4B8C-9039-FA96B8EF7C88@lca.pw/\n\nChris Riedl suggested a reliable way to reproduce the issue:\n $ mount -t debugfs none /sys/kernel/debug\n $ (while true; do echo function \u003e /sys/kernel/debug/tracing/current_tracer ; echo nop \u003e /sys/kernel/debug/tracing/current_tracer ; done) \u0026\n\nTurning ftrace on and off does a large amount of code patching which\nin usually less then 5min will crash giving a trace like:\n\n ftrace-powerpc: (____ptrval____): replaced (4b473b11) != old (60000000)\n ------------[ ftrace bug ]------------\n ftrace failed to modify\n [\u003cc000000000bf8e5c\u003e] napi_busy_loop+0xc/0x390\n actual: 11:3b:47:4b\n Setting ftrace call site to call ftrace function\n ftrace record flags: 80000001\n (1)\n expected tramp: c00000000006c96c\n ------------[ cut here ]------------\n WARNING: CPU: 4 PID: 809 at kernel/trace/ftrace.c:2065 ftrace_bug+0x28c/0x2e8\n Modules linked in: nop_module(PO-) [last unloaded: nop_module]\n CPU: 4 PID: 809 Comm: sh Tainted: P O 5.10.0-rc5-01360-gf878ccaf250a #1\n NIP: c00000000024f334 LR: c00000000024f330 CTR: c0000000001a5af0\n REGS: c000000004c8b760 TRAP: 0700 Tainted: P O (5.10.0-rc5-01360-gf878ccaf250a)\n MSR: 900000000282b033 \u003cSF,HV,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 28008848 XER: 20040000\n CFAR: c0000000001a9c98 IRQMASK: 0\n GPR00: c00000000024f330 c000000004c8b9f0 c000000002770600 0000000000000022\n GPR04: 00000000ffff7fff c000000004c8b6d0 0000000000000027 c0000007fe9bcdd8\n GPR08: 0000000000000023 ffffffffffffffd8 0000000000000027 c000000002613118\n GPR12: 0000000000008000 c0000007fffdca00 0000000000000000 0000000000000000\n GPR16: 0000000023ec37c5 0000000000000000 0000000000000000 0000000000000008\n GPR20: c000000004c8bc90 c0000000027a2d20 c000000004c8bcd0 c000000002612fe8\n GPR24: 0000000000000038 0000000000000030 0000000000000028 0000000000000020\n GPR28: c000000000ff1b68 c000000000bf8e5c c00000000312f700 c000000000fbb9b0\n NIP ftrace_bug+0x28c/0x2e8\n LR ftrace_bug+0x288/0x2e8\n Call T\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47034",
"url": "https://www.suse.com/security/cve/CVE-2021-47034"
},
{
"category": "external",
"summary": "SUSE Bug 1220687 for CVE-2021-47034",
"url": "https://bugzilla.suse.com/1220687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47034"
},
{
"cve": "CVE-2021-47045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()\n\nIt is possible to call lpfc_issue_els_plogi() passing a did for which no\nmatching ndlp is found. A call is then made to lpfc_prep_els_iocb() with a\nnull pointer to a lpfc_nodelist structure resulting in a null pointer\ndereference.\n\nFix by returning an error status if no valid ndlp is found. Fix up comments\nregarding ndlp reference counting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47045",
"url": "https://www.suse.com/security/cve/CVE-2021-47045"
},
{
"category": "external",
"summary": "SUSE Bug 1220640 for CVE-2021-47045",
"url": "https://bugzilla.suse.com/1220640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47045"
},
{
"cve": "CVE-2021-47049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Use after free in __vmbus_open()\n\nThe \"open_info\" variable is added to the \u0026vmbus_connection.chn_msg_list,\nbut the error handling frees \"open_info\" without removing it from the\nlist. This will result in a use after free. First remove it from the\nlist, and then free it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47049",
"url": "https://www.suse.com/security/cve/CVE-2021-47049"
},
{
"category": "external",
"summary": "SUSE Bug 1220692 for CVE-2021-47049",
"url": "https://bugzilla.suse.com/1220692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47049"
},
{
"cve": "CVE-2021-47055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: require write permissions for locking and badblock ioctls\n\nMEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require\nwrite permission. Depending on the hardware MEMLOCK might even be\nwrite-once, e.g. for SPI-NOR flashes with their WP# tied to GND. OTPLOCK\nis always write-once.\n\nMEMSETBADBLOCK modifies the bad block table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47055",
"url": "https://www.suse.com/security/cve/CVE-2021-47055"
},
{
"category": "external",
"summary": "SUSE Bug 1220768 for CVE-2021-47055",
"url": "https://bugzilla.suse.com/1220768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47055"
},
{
"cve": "CVE-2021-47056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init\n\nADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown()\nbefore calling adf_iov_putmsg()-\u003emutex_lock(vf2pf_lock), however the\nvf2pf_lock is initialized in adf_dev_init(), which can fail and when it\nfail, the vf2pf_lock is either not initialized or destroyed, a subsequent\nuse of vf2pf_lock will cause issue.\nTo fix this issue, only set this flag if adf_dev_init() returns 0.\n\n[ 7.178404] BUG: KASAN: user-memory-access in __mutex_lock.isra.0+0x1ac/0x7c0\n[ 7.180345] Call Trace:\n[ 7.182576] mutex_lock+0xc9/0xd0\n[ 7.183257] adf_iov_putmsg+0x118/0x1a0 [intel_qat]\n[ 7.183541] adf_vf2pf_shutdown+0x4d/0x7b [intel_qat]\n[ 7.183834] adf_dev_shutdown+0x172/0x2b0 [intel_qat]\n[ 7.184127] adf_probe+0x5e9/0x600 [qat_dh895xccvf]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47056",
"url": "https://www.suse.com/security/cve/CVE-2021-47056"
},
{
"category": "external",
"summary": "SUSE Bug 1220769 for CVE-2021-47056",
"url": "https://bugzilla.suse.com/1220769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47056"
},
{
"cve": "CVE-2021-47060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Stop looking for coalesced MMIO zones if the bus is destroyed\n\nAbort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev()\nfails to allocate memory for the new instance of the bus. If it can\u0027t\ninstantiate a new bus, unregister_dev() destroys all devices _except_ the\ntarget device. But, it doesn\u0027t tell the caller that it obliterated the\nbus and invoked the destructor for all devices that were on the bus. In\nthe coalesced MMIO case, this can result in a deleted list entry\ndereference due to attempting to continue iterating on coalesced_zones\nafter future entries (in the walk) have been deleted.\n\nOpportunistically add curly braces to the for-loop, which encompasses\nmany lines but sneaks by without braces due to the guts being a single\nif statement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47060",
"url": "https://www.suse.com/security/cve/CVE-2021-47060"
},
{
"category": "external",
"summary": "SUSE Bug 1220742 for CVE-2021-47060",
"url": "https://bugzilla.suse.com/1220742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47060"
},
{
"cve": "CVE-2021-47061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Destroy I/O bus devices on unregister failure _after_ sync\u0027ing SRCU\n\nIf allocating a new instance of an I/O bus fails when unregistering a\ndevice, wait to destroy the device until after all readers are guaranteed\nto see the new null bus. Destroying devices before the bus is nullified\ncould lead to use-after-free since readers expect the devices on their\nreference of the bus to remain valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47061",
"url": "https://www.suse.com/security/cve/CVE-2021-47061"
},
{
"category": "external",
"summary": "SUSE Bug 1220745 for CVE-2021-47061",
"url": "https://bugzilla.suse.com/1220745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47061"
},
{
"cve": "CVE-2021-47063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge/panel: Cleanup connector on bridge detach\n\nIf we don\u0027t call drm_connector_cleanup() manually in\npanel_bridge_detach(), the connector will be cleaned up with the other\nDRM objects in the call to drm_mode_config_cleanup(). However, since our\ndrm_connector is devm-allocated, by the time drm_mode_config_cleanup()\nwill be called, our connector will be long gone. Therefore, the\nconnector must be cleaned up when the bridge is detached to avoid\nuse-after-free conditions.\n\nv2: Cleanup connector only if it was created\n\nv3: Add FIXME\n\nv4: (Use connector-\u003edev) directly in if() block",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47063",
"url": "https://www.suse.com/security/cve/CVE-2021-47063"
},
{
"category": "external",
"summary": "SUSE Bug 1220777 for CVE-2021-47063",
"url": "https://bugzilla.suse.com/1220777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47063"
},
{
"cve": "CVE-2021-47068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/nfc: fix use-after-free llcp_sock_bind/connect\n\nCommits 8a4cd82d (\"nfc: fix refcount leak in llcp_sock_connect()\")\nand c33b1cc62 (\"nfc: fix refcount leak in llcp_sock_bind()\")\nfixed a refcount leak bug in bind/connect but introduced a\nuse-after-free if the same local is assigned to 2 different sockets.\n\nThis can be triggered by the following simple program:\n int sock1 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP );\n int sock2 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP );\n memset( \u0026addr, 0, sizeof(struct sockaddr_nfc_llcp) );\n addr.sa_family = AF_NFC;\n addr.nfc_protocol = NFC_PROTO_NFC_DEP;\n bind( sock1, (struct sockaddr*) \u0026addr, sizeof(struct sockaddr_nfc_llcp) )\n bind( sock2, (struct sockaddr*) \u0026addr, sizeof(struct sockaddr_nfc_llcp) )\n close(sock1);\n close(sock2);\n\nFix this by assigning NULL to llcp_sock-\u003elocal after calling\nnfc_llcp_local_put.\n\nThis addresses CVE-2021-23134.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47068",
"url": "https://www.suse.com/security/cve/CVE-2021-47068"
},
{
"category": "external",
"summary": "SUSE Bug 1220739 for CVE-2021-47068",
"url": "https://bugzilla.suse.com/1220739"
},
{
"category": "external",
"summary": "SUSE Bug 1221130 for CVE-2021-47068",
"url": "https://bugzilla.suse.com/1221130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2021-47068"
},
{
"cve": "CVE-2021-47070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix another memory leak in error handling paths\n\nMemory allocated by \u0027vmbus_alloc_ring()\u0027 at the beginning of the probe\nfunction is never freed in the error handling path.\n\nAdd the missing \u0027vmbus_free_ring()\u0027 call.\n\nNote that it is already freed in the .remove function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47070",
"url": "https://www.suse.com/security/cve/CVE-2021-47070"
},
{
"category": "external",
"summary": "SUSE Bug 1220829 for CVE-2021-47070",
"url": "https://bugzilla.suse.com/1220829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47070"
},
{
"cve": "CVE-2021-47071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix a memory leak in error handling paths\n\nIf \u0027vmbus_establish_gpadl()\u0027 fails, the (recv|send)_gpadl will not be\nupdated and \u0027hv_uio_cleanup()\u0027 in the error handling path will not be\nable to free the corresponding buffer.\n\nIn such a case, we need to free the buffer explicitly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47071",
"url": "https://www.suse.com/security/cve/CVE-2021-47071"
},
{
"category": "external",
"summary": "SUSE Bug 1220846 for CVE-2021-47071",
"url": "https://bugzilla.suse.com/1220846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47071"
},
{
"cve": "CVE-2021-47073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios\n\ninit_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems\nwhere the Dell WMI interface is supported. While exit_dell_smbios_wmi()\nunregisters it unconditionally, this leads to the following oops:\n\n[ 175.722921] ------------[ cut here ]------------\n[ 175.722925] Unexpected driver unregister!\n[ 175.722939] WARNING: CPU: 1 PID: 3630 at drivers/base/driver.c:194 driver_unregister+0x38/0x40\n...\n[ 175.723089] Call Trace:\n[ 175.723094] cleanup_module+0x5/0xedd [dell_smbios]\n...\n[ 175.723148] ---[ end trace 064c34e1ad49509d ]---\n\nMake the unregister happen on the same condition the register happens\nto fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47073",
"url": "https://www.suse.com/security/cve/CVE-2021-47073"
},
{
"category": "external",
"summary": "SUSE Bug 1220850 for CVE-2021-47073",
"url": "https://bugzilla.suse.com/1220850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47073"
},
{
"cve": "CVE-2021-47100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module\n\nHi,\n\nWhen testing install and uninstall of ipmi_si.ko and ipmi_msghandler.ko,\nthe system crashed.\n\nThe log as follows:\n[ 141.087026] BUG: unable to handle kernel paging request at ffffffffc09b3a5a\n[ 141.087241] PGD 8fe4c0d067 P4D 8fe4c0d067 PUD 8fe4c0f067 PMD 103ad89067 PTE 0\n[ 141.087464] Oops: 0010 [#1] SMP NOPTI\n[ 141.087580] CPU: 67 PID: 668 Comm: kworker/67:1 Kdump: loaded Not tainted 4.18.0.x86_64 #47\n[ 141.088009] Workqueue: events 0xffffffffc09b3a40\n[ 141.088009] RIP: 0010:0xffffffffc09b3a5a\n[ 141.088009] Code: Bad RIP value.\n[ 141.088009] RSP: 0018:ffffb9094e2c3e88 EFLAGS: 00010246\n[ 141.088009] RAX: 0000000000000000 RBX: ffff9abfdb1f04a0 RCX: 0000000000000000\n[ 141.088009] RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246\n[ 141.088009] RBP: 0000000000000000 R08: ffff9abfffee3cb8 R09: 00000000000002e1\n[ 141.088009] R10: ffffb9094cb73d90 R11: 00000000000f4240 R12: ffff9abfffee8700\n[ 141.088009] R13: 0000000000000000 R14: ffff9abfdb1f04a0 R15: ffff9abfdb1f04a8\n[ 141.088009] FS: 0000000000000000(0000) GS:ffff9abfffec0000(0000) knlGS:0000000000000000\n[ 141.088009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 141.088009] CR2: ffffffffc09b3a30 CR3: 0000008fe4c0a001 CR4: 00000000007606e0\n[ 141.088009] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 141.088009] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 141.088009] PKRU: 55555554\n[ 141.088009] Call Trace:\n[ 141.088009] ? process_one_work+0x195/0x390\n[ 141.088009] ? worker_thread+0x30/0x390\n[ 141.088009] ? process_one_work+0x390/0x390\n[ 141.088009] ? kthread+0x10d/0x130\n[ 141.088009] ? kthread_flush_work_fn+0x10/0x10\n[ 141.088009] ? ret_from_fork+0x35/0x40] BUG: unable to handle kernel paging request at ffffffffc0b28a5a\n[ 200.223240] PGD 97fe00d067 P4D 97fe00d067 PUD 97fe00f067 PMD a580cbf067 PTE 0\n[ 200.223464] Oops: 0010 [#1] SMP NOPTI\n[ 200.223579] CPU: 63 PID: 664 Comm: kworker/63:1 Kdump: loaded Not tainted 4.18.0.x86_64 #46\n[ 200.224008] Workqueue: events 0xffffffffc0b28a40\n[ 200.224008] RIP: 0010:0xffffffffc0b28a5a\n[ 200.224008] Code: Bad RIP value.\n[ 200.224008] RSP: 0018:ffffbf3c8e2a3e88 EFLAGS: 00010246\n[ 200.224008] RAX: 0000000000000000 RBX: ffffa0799ad6bca0 RCX: 0000000000000000\n[ 200.224008] RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246\n[ 200.224008] RBP: 0000000000000000 R08: ffff9fe43fde3cb8 R09: 00000000000000d5\n[ 200.224008] R10: ffffbf3c8cb53d90 R11: 00000000000f4240 R12: ffff9fe43fde8700\n[ 200.224008] R13: 0000000000000000 R14: ffffa0799ad6bca0 R15: ffffa0799ad6bca8\n[ 200.224008] FS: 0000000000000000(0000) GS:ffff9fe43fdc0000(0000) knlGS:0000000000000000\n[ 200.224008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 200.224008] CR2: ffffffffc0b28a30 CR3: 00000097fe00a002 CR4: 00000000007606e0\n[ 200.224008] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 200.224008] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 200.224008] PKRU: 55555554\n[ 200.224008] Call Trace:\n[ 200.224008] ? process_one_work+0x195/0x390\n[ 200.224008] ? worker_thread+0x30/0x390\n[ 200.224008] ? process_one_work+0x390/0x390\n[ 200.224008] ? kthread+0x10d/0x130\n[ 200.224008] ? kthread_flush_work_fn+0x10/0x10\n[ 200.224008] ? ret_from_fork+0x35/0x40\n[ 200.224008] kernel fault(0x1) notification starting on CPU 63\n[ 200.224008] kernel fault(0x1) notification finished on CPU 63\n[ 200.224008] CR2: ffffffffc0b28a5a\n[ 200.224008] ---[ end trace c82a412d93f57412 ]---\n\nThe reason is as follows:\nT1: rmmod ipmi_si.\n -\u003eipmi_unregister_smi()\n -\u003e ipmi_bmc_unregister()\n -\u003e __ipmi_bmc_unregister()\n -\u003e kref_put(\u0026bmc-\u003eusecount, cleanup_bmc_device);\n -\u003e schedule_work(\u0026bmc-\u003eremove_work);\n\nT2: rmmod ipmi_msghandl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47100",
"url": "https://www.suse.com/security/cve/CVE-2021-47100"
},
{
"category": "external",
"summary": "SUSE Bug 1220985 for CVE-2021-47100",
"url": "https://bugzilla.suse.com/1220985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47100"
},
{
"cve": "CVE-2021-47101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nasix: fix uninit-value in asix_mdio_read()\n\nasix_read_cmd() may read less than sizeof(smsr) bytes and in this case\nsmsr will be uninitialized.\n\nFail log:\nBUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]\nBUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497\nBUG: KMSAN: uninit-value in asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497\n asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]\n asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497\n asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47101",
"url": "https://www.suse.com/security/cve/CVE-2021-47101"
},
{
"category": "external",
"summary": "SUSE Bug 1220987 for CVE-2021-47101",
"url": "https://bugzilla.suse.com/1220987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47101"
},
{
"cve": "CVE-2021-47104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Fix memory leak in qib_user_sdma_queue_pkts()\n\nThe wrong goto label was used for the error case and missed cleanup of the\npkt allocation.\n\nAddresses-Coverity-ID: 1493352 (\"Resource leak\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47104",
"url": "https://www.suse.com/security/cve/CVE-2021-47104"
},
{
"category": "external",
"summary": "SUSE Bug 1220960 for CVE-2021-47104",
"url": "https://bugzilla.suse.com/1220960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47104"
},
{
"cve": "CVE-2021-47110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Disable kvmclock on all CPUs on shutdown\n\nCurrenly, we disable kvmclock from machine_shutdown() hook and this\nonly happens for boot CPU. We need to disable it for all CPUs to\nguard against memory corruption e.g. on restore from hibernate.\n\nNote, writing \u00270\u0027 to kvmclock MSR doesn\u0027t clear memory location, it\njust prevents hypervisor from updating the location so for the short\nwhile after write and while CPU is still alive, the clock remains usable\nand correct so we don\u0027t need to switch to some other clocksource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47110",
"url": "https://www.suse.com/security/cve/CVE-2021-47110"
},
{
"category": "external",
"summary": "SUSE Bug 1221532 for CVE-2021-47110",
"url": "https://bugzilla.suse.com/1221532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47110"
},
{
"cve": "CVE-2021-47112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Teardown PV features on boot CPU as well\n\nVarious PV features (Async PF, PV EOI, steal time) work through memory\nshared with hypervisor and when we restore from hibernation we must\nproperly teardown all these features to make sure hypervisor doesn\u0027t\nwrite to stale locations after we jump to the previously hibernated kernel\n(which can try to place anything there). For secondary CPUs the job is\nalready done by kvm_cpu_down_prepare(), register syscore ops to do\nthe same for boot CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47112",
"url": "https://www.suse.com/security/cve/CVE-2021-47112"
},
{
"category": "external",
"summary": "SUSE Bug 1221541 for CVE-2021-47112",
"url": "https://bugzilla.suse.com/1221541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47112"
},
{
"cve": "CVE-2021-47113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: abort in rename_exchange if we fail to insert the second ref\n\nError injection stress uncovered a problem where we\u0027d leave a dangling\ninode ref if we failed during a rename_exchange. This happens because\nwe insert the inode ref for one side of the rename, and then for the\nother side. If this second inode ref insert fails we\u0027ll leave the first\none dangling and leave a corrupt file system behind. Fix this by\naborting if we did the insert for the first inode ref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47113",
"url": "https://www.suse.com/security/cve/CVE-2021-47113"
},
{
"category": "external",
"summary": "SUSE Bug 1221543 for CVE-2021-47113",
"url": "https://bugzilla.suse.com/1221543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47113"
},
{
"cve": "CVE-2021-47114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption by fallocate\n\nWhen fallocate punches holes out of inode size, if original isize is in\nthe middle of last cluster, then the part from isize to the end of the\ncluster will be zeroed with buffer write, at that time isize is not yet\nupdated to match the new size, if writeback is kicked in, it will invoke\nocfs2_writepage()-\u003eblock_write_full_page() where the pages out of inode\nsize will be dropped. That will cause file corruption. Fix this by\nzero out eof blocks when extending the inode size.\n\nRunning the following command with qemu-image 4.2.1 can get a corrupted\ncoverted image file easily.\n\n qemu-img convert -p -t none -T none -f qcow2 $qcow_image \\\n -O qcow2 -o compat=1.1 $qcow_image.conv\n\nThe usage of fallocate in qemu is like this, it first punches holes out\nof inode size, then extend the inode size.\n\n fallocate(11, FALLOC_FL_KEEP_SIZE|FALLOC_FL_PUNCH_HOLE, 2276196352, 65536) = 0\n fallocate(11, 0, 2276196352, 65536) = 0\n\nv1: https://www.spinics.net/lists/linux-fsdevel/msg193999.html\nv2: https://lore.kernel.org/linux-fsdevel/20210525093034.GB4112@quack2.suse.cz/T/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47114",
"url": "https://www.suse.com/security/cve/CVE-2021-47114"
},
{
"category": "external",
"summary": "SUSE Bug 1221548 for CVE-2021-47114",
"url": "https://bugzilla.suse.com/1221548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47114"
},
{
"cve": "CVE-2021-47117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed\n\nWe got follow bug_on when run fsstress with injecting IO fault:\n[130747.323114] kernel BUG at fs/ext4/extents_status.c:762!\n[130747.323117] Internal error: Oops - BUG: 0 [#1] SMP\n......\n[130747.334329] Call trace:\n[130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4]\n[130747.334975] ext4_cache_extents+0x64/0xe8 [ext4]\n[130747.335368] ext4_find_extent+0x300/0x330 [ext4]\n[130747.335759] ext4_ext_map_blocks+0x74/0x1178 [ext4]\n[130747.336179] ext4_map_blocks+0x2f4/0x5f0 [ext4]\n[130747.336567] ext4_mpage_readpages+0x4a8/0x7a8 [ext4]\n[130747.336995] ext4_readpage+0x54/0x100 [ext4]\n[130747.337359] generic_file_buffered_read+0x410/0xae8\n[130747.337767] generic_file_read_iter+0x114/0x190\n[130747.338152] ext4_file_read_iter+0x5c/0x140 [ext4]\n[130747.338556] __vfs_read+0x11c/0x188\n[130747.338851] vfs_read+0x94/0x150\n[130747.339110] ksys_read+0x74/0xf0\n\nThis patch\u0027s modification is according to Jan Kara\u0027s suggestion in:\nhttps://patchwork.ozlabs.org/project/linux-ext4/patch/20210428085158.3728201-1-yebin10@huawei.com/\n\"I see. Now I understand your patch. Honestly, seeing how fragile is trying\nto fix extent tree after split has failed in the middle, I would probably\ngo even further and make sure we fix the tree properly in case of ENOSPC\nand EDQUOT (those are easily user triggerable). Anything else indicates a\nHW problem or fs corruption so I\u0027d rather leave the extent tree as is and\ndon\u0027t try to fix it (which also means we will not create overlapping\nextents).\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47117",
"url": "https://www.suse.com/security/cve/CVE-2021-47117"
},
{
"category": "external",
"summary": "SUSE Bug 1221575 for CVE-2021-47117",
"url": "https://bugzilla.suse.com/1221575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47117"
},
{
"cve": "CVE-2021-47118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npid: take a reference when initializing `cad_pid`\n\nDuring boot, kernel_init_freeable() initializes `cad_pid` to the init\ntask\u0027s struct pid. Later on, we may change `cad_pid` via a sysctl, and\nwhen this happens proc_do_cad_pid() will increment the refcount on the\nnew pid via get_pid(), and will decrement the refcount on the old pid\nvia put_pid(). As we never called get_pid() when we initialized\n`cad_pid`, we decrement a reference we never incremented, can therefore\nfree the init task\u0027s struct pid early. As there can be dangling\nreferences to the struct pid, we can later encounter a use-after-free\n(e.g. when delivering signals).\n\nThis was spotted when fuzzing v5.13-rc3 with Syzkaller, but seems to\nhave been around since the conversion of `cad_pid` to struct pid in\ncommit 9ec52099e4b8 (\"[PATCH] replace cad_pid by a struct pid\") from the\npre-KASAN stone age of v2.6.19.\n\nFix this by getting a reference to the init task\u0027s struct pid when we\nassign it to `cad_pid`.\n\nFull KASAN splat below.\n\n ==================================================================\n BUG: KASAN: use-after-free in ns_of_pid include/linux/pid.h:153 [inline]\n BUG: KASAN: use-after-free in task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n Read of size 4 at addr ffff23794dda0004 by task syz-executor.0/273\n\n CPU: 1 PID: 273 Comm: syz-executor.0 Not tainted 5.12.0-00001-g9aef892b2d15 #1\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n ns_of_pid include/linux/pid.h:153 [inline]\n task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n do_notify_parent+0x308/0xe60 kernel/signal.c:1950\n exit_notify kernel/exit.c:682 [inline]\n do_exit+0x2334/0x2bd0 kernel/exit.c:845\n do_group_exit+0x108/0x2c8 kernel/exit.c:922\n get_signal+0x4e4/0x2a88 kernel/signal.c:2781\n do_signal arch/arm64/kernel/signal.c:882 [inline]\n do_notify_resume+0x300/0x970 arch/arm64/kernel/signal.c:936\n work_pending+0xc/0x2dc\n\n Allocated by task 0:\n slab_post_alloc_hook+0x50/0x5c0 mm/slab.h:516\n slab_alloc_node mm/slub.c:2907 [inline]\n slab_alloc mm/slub.c:2915 [inline]\n kmem_cache_alloc+0x1f4/0x4c0 mm/slub.c:2920\n alloc_pid+0xdc/0xc00 kernel/pid.c:180\n copy_process+0x2794/0x5e18 kernel/fork.c:2129\n kernel_clone+0x194/0x13c8 kernel/fork.c:2500\n kernel_thread+0xd4/0x110 kernel/fork.c:2552\n rest_init+0x44/0x4a0 init/main.c:687\n arch_call_rest_init+0x1c/0x28\n start_kernel+0x520/0x554 init/main.c:1064\n 0x0\n\n Freed by task 270:\n slab_free_hook mm/slub.c:1562 [inline]\n slab_free_freelist_hook+0x98/0x260 mm/slub.c:1600\n slab_free mm/slub.c:3161 [inline]\n kmem_cache_free+0x224/0x8e0 mm/slub.c:3177\n put_pid.part.4+0xe0/0x1a8 kernel/pid.c:114\n put_pid+0x30/0x48 kernel/pid.c:109\n proc_do_cad_pid+0x190/0x1b0 kernel/sysctl.c:1401\n proc_sys_call_handler+0x338/0x4b0 fs/proc/proc_sysctl.c:591\n proc_sys_write+0x34/0x48 fs/proc/proc_sysctl.c:617\n call_write_iter include/linux/fs.h:1977 [inline]\n new_sync_write+0x3ac/0x510 fs/read_write.c:518\n vfs_write fs/read_write.c:605 [inline]\n vfs_write+0x9c4/0x1018 fs/read_write.c:585\n ksys_write+0x124/0x240 fs/read_write.c:658\n __do_sys_write fs/read_write.c:670 [inline]\n __se_sys_write fs/read_write.c:667 [inline]\n __arm64_sys_write+0x78/0xb0 fs/read_write.c:667\n __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]\n el0_svc_common.constprop.1+0x16c/0x388 arch/arm64/kernel/syscall.c:129\n do_el0_svc+0xf8/0x150 arch/arm64/kernel/syscall.c:168\n el0_svc+0x28/0x38 arch/arm64/kernel/entry-common.c:416\n el0_sync_handler+0x134/0x180 arch/arm64/kernel/entry-common.c:432\n el0_sync+0x154/0x180 arch/arm64/kernel/entry.S:701\n\n The buggy address belongs to the object at ffff23794dda0000\n which belongs to the cache pid of size 224\n The buggy address is located 4 bytes inside of\n 224-byte region [ff\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47118",
"url": "https://www.suse.com/security/cve/CVE-2021-47118"
},
{
"category": "external",
"summary": "SUSE Bug 1221605 for CVE-2021-47118",
"url": "https://bugzilla.suse.com/1221605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47118"
},
{
"cve": "CVE-2021-47119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix memory leak in ext4_fill_super\n\nBuffer head references must be released before calling kill_bdev();\notherwise the buffer head (and its page referenced by b_data) will not\nbe freed by kill_bdev, and subsequently that bh will be leaked.\n\nIf blocksizes differ, sb_set_blocksize() will kill current buffers and\npage cache by using kill_bdev(). And then super block will be reread\nagain but using correct blocksize this time. sb_set_blocksize() didn\u0027t\nfully free superblock page and buffer head, and being busy, they were\nnot freed and instead leaked.\n\nThis can easily be reproduced by calling an infinite loop of:\n\n systemctl start \u003cext4_on_lvm\u003e.mount, and\n systemctl stop \u003cext4_on_lvm\u003e.mount\n\n... since systemd creates a cgroup for each slice which it mounts, and\nthe bh leak get amplified by a dying memory cgroup that also never\ngets freed, and memory consumption is much more easily noticed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47119",
"url": "https://www.suse.com/security/cve/CVE-2021-47119"
},
{
"category": "external",
"summary": "SUSE Bug 1221608 for CVE-2021-47119",
"url": "https://bugzilla.suse.com/1221608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47119"
},
{
"cve": "CVE-2021-47131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix use-after-free after the TLS device goes down and up\n\nWhen a netdev with active TLS offload goes down, tls_device_down is\ncalled to stop the offload and tear down the TLS context. However, the\nsocket stays alive, and it still points to the TLS context, which is now\ndeallocated. If a netdev goes up, while the connection is still active,\nand the data flow resumes after a number of TCP retransmissions, it will\nlead to a use-after-free of the TLS context.\n\nThis commit addresses this bug by keeping the context alive until its\nnormal destruction, and implements the necessary fallbacks, so that the\nconnection can resume in software (non-offloaded) kTLS mode.\n\nOn the TX side tls_sw_fallback is used to encrypt all packets. The RX\nside already has all the necessary fallbacks, because receiving\nnon-decrypted packets is supported. The thing needed on the RX side is\nto block resync requests, which are normally produced after receiving\nnon-decrypted packets.\n\nThe necessary synchronization is implemented for a graceful teardown:\nfirst the fallbacks are deployed, then the driver resources are released\n(it used to be possible to have a tls_dev_resync after tls_dev_del).\n\nA new flag called TLS_RX_DEV_DEGRADED is added to indicate the fallback\nmode. It\u0027s used to skip the RX resync logic completely, as it becomes\nuseless, and some objects may be released (for example, resync_async,\nwhich is allocated and freed by the driver).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47131",
"url": "https://www.suse.com/security/cve/CVE-2021-47131"
},
{
"category": "external",
"summary": "SUSE Bug 1221545 for CVE-2021-47131",
"url": "https://bugzilla.suse.com/1221545"
},
{
"category": "external",
"summary": "SUSE Bug 1222402 for CVE-2021-47131",
"url": "https://bugzilla.suse.com/1222402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2021-47131"
},
{
"cve": "CVE-2021-47138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: avoid accessing registers when clearing filters\n\nHardware register having the server TID base can contain\ninvalid values when adapter is in bad state (for example,\ndue to AER fatal error). Reading these invalid values in the\nregister can lead to out-of-bound memory access. So, fix\nby using the saved server TID base when clearing filters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47138",
"url": "https://www.suse.com/security/cve/CVE-2021-47138"
},
{
"category": "external",
"summary": "SUSE Bug 1221934 for CVE-2021-47138",
"url": "https://bugzilla.suse.com/1221934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47138"
},
{
"cve": "CVE-2021-47141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: Add NULL pointer checks when freeing irqs.\n\nWhen freeing notification blocks, we index priv-\u003emsix_vectors.\nIf we failed to allocate priv-\u003emsix_vectors (see abort_with_msix_vectors)\nthis could lead to a NULL pointer dereference if the driver is unloaded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47141",
"url": "https://www.suse.com/security/cve/CVE-2021-47141"
},
{
"category": "external",
"summary": "SUSE Bug 1221949 for CVE-2021-47141",
"url": "https://bugzilla.suse.com/1221949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47141"
},
{
"cve": "CVE-2021-47142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a use-after-free\n\nlooks like we forget to set ttm-\u003esg to NULL.\nHit panic below\n\n[ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 1235.989074] Call Trace:\n[ 1235.991751] sg_free_table+0x17/0x20\n[ 1235.995667] amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu]\n[ 1236.002288] amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu]\n[ 1236.008464] ttm_tt_destroy+0x1e/0x30 [ttm]\n[ 1236.013066] ttm_bo_cleanup_memtype_use+0x51/0xa0 [ttm]\n[ 1236.018783] ttm_bo_release+0x262/0xa50 [ttm]\n[ 1236.023547] ttm_bo_put+0x82/0xd0 [ttm]\n[ 1236.027766] amdgpu_bo_unref+0x26/0x50 [amdgpu]\n[ 1236.032809] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu]\n[ 1236.040400] kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu]\n[ 1236.046912] kfd_ioctl+0x463/0x690 [amdgpu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47142",
"url": "https://www.suse.com/security/cve/CVE-2021-47142"
},
{
"category": "external",
"summary": "SUSE Bug 1221952 for CVE-2021-47142",
"url": "https://bugzilla.suse.com/1221952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47142"
},
{
"cve": "CVE-2021-47143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: remove device from smcd_dev_list after failed device_add()\n\nIf the device_add() for a smcd_dev fails, there\u0027s no cleanup step that\nrolls back the earlier list_add(). The device subsequently gets freed,\nand we end up with a corrupted list.\n\nAdd some error handling that removes the device from the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47143",
"url": "https://www.suse.com/security/cve/CVE-2021-47143"
},
{
"category": "external",
"summary": "SUSE Bug 1221988 for CVE-2021-47143",
"url": "https://bugzilla.suse.com/1221988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47143"
},
{
"cve": "CVE-2021-47146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmld: fix panic in mld_newpack()\n\nmld_newpack() doesn\u0027t allow to allocate high order page,\nonly order-0 allocation is allowed.\nIf headroom size is too large, a kernel panic could occur in skb_put().\n\nTest commands:\n ip netns del A\n ip netns del B\n ip netns add A\n ip netns add B\n ip link add veth0 type veth peer name veth1\n ip link set veth0 netns A\n ip link set veth1 netns B\n\n ip netns exec A ip link set lo up\n ip netns exec A ip link set veth0 up\n ip netns exec A ip -6 a a 2001:db8:0::1/64 dev veth0\n ip netns exec B ip link set lo up\n ip netns exec B ip link set veth1 up\n ip netns exec B ip -6 a a 2001:db8:0::2/64 dev veth1\n for i in {1..99}\n do\n let A=$i-1\n ip netns exec A ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::1 remote 2001:db8:$A::2 encaplimit 100\n ip netns exec A ip -6 a a 2001:db8:$i::1/64 dev ip6gre$i\n ip netns exec A ip link set ip6gre$i up\n\n ip netns exec B ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::2 remote 2001:db8:$A::1 encaplimit 100\n ip netns exec B ip -6 a a 2001:db8:$i::2/64 dev ip6gre$i\n ip netns exec B ip link set ip6gre$i up\n done\n\nSplat looks like:\nkernel BUG at net/core/skbuff.c:110!\ninvalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI\nCPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.12.0+ #891\nWorkqueue: ipv6_addrconf addrconf_dad_work\nRIP: 0010:skb_panic+0x15d/0x15f\nCode: 92 fe 4c 8b 4c 24 10 53 8b 4d 70 45 89 e0 48 c7 c7 00 ae 79 83\n41 57 41 56 41 55 48 8b 54 24 a6 26 f9 ff \u003c0f\u003e 0b 48 8b 6c 24 20 89\n34 24 e8 4a 4e 92 fe 8b 34 24 48 c7 c1 20\nRSP: 0018:ffff88810091f820 EFLAGS: 00010282\nRAX: 0000000000000089 RBX: ffff8881086e9000 RCX: 0000000000000000\nRDX: 0000000000000089 RSI: 0000000000000008 RDI: ffffed1020123efb\nRBP: ffff888005f6eac0 R08: ffffed1022fc0031 R09: ffffed1022fc0031\nR10: ffff888117e00187 R11: ffffed1022fc0030 R12: 0000000000000028\nR13: ffff888008284eb0 R14: 0000000000000ed8 R15: 0000000000000ec0\nFS: 0000000000000000(0000) GS:ffff888117c00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8b801c5640 CR3: 0000000033c2c006 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n skb_put.cold.104+0x22/0x22\n ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? rcu_read_lock_sched_held+0x91/0xc0\n mld_newpack+0x398/0x8f0\n ? ip6_mc_hdr.isra.26.constprop.46+0x600/0x600\n ? lock_contended+0xc40/0xc40\n add_grhead.isra.33+0x280/0x380\n add_grec+0x5ca/0xff0\n ? mld_sendpack+0xf40/0xf40\n ? lock_downgrade+0x690/0x690\n mld_send_initial_cr.part.34+0xb9/0x180\n ipv6_mc_dad_complete+0x15d/0x1b0\n addrconf_dad_completed+0x8d2/0xbb0\n ? lock_downgrade+0x690/0x690\n ? addrconf_rs_timer+0x660/0x660\n ? addrconf_dad_work+0x73c/0x10e0\n addrconf_dad_work+0x73c/0x10e0\n\nAllowing high order page allocation could fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47146",
"url": "https://www.suse.com/security/cve/CVE-2021-47146"
},
{
"category": "external",
"summary": "SUSE Bug 1221979 for CVE-2021-47146",
"url": "https://bugzilla.suse.com/1221979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47146"
},
{
"cve": "CVE-2021-47149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fujitsu: fix potential null-ptr-deref\n\nIn fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer\nderef. To fix this, check the return value of ioremap and return -1\nto the caller in case of failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47149",
"url": "https://www.suse.com/security/cve/CVE-2021-47149"
},
{
"category": "external",
"summary": "SUSE Bug 1221972 for CVE-2021-47149",
"url": "https://bugzilla.suse.com/1221972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47149"
},
{
"cve": "CVE-2021-47150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: fix the potential memory leak in fec_enet_init()\n\nIf the memory allocated for cbd_base is failed, it should\nfree the memory allocated for the queues, otherwise it causes\nmemory leak.\n\nAnd if the memory allocated for the queues is failed, it can\nreturn error directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47150",
"url": "https://www.suse.com/security/cve/CVE-2021-47150"
},
{
"category": "external",
"summary": "SUSE Bug 1221973 for CVE-2021-47150",
"url": "https://bugzilla.suse.com/1221973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47150"
},
{
"cve": "CVE-2021-47153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don\u0027t generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47153",
"url": "https://www.suse.com/security/cve/CVE-2021-47153"
},
{
"category": "external",
"summary": "SUSE Bug 1221969 for CVE-2021-47153",
"url": "https://bugzilla.suse.com/1221969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47153"
},
{
"cve": "CVE-2021-47159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix a crash if -\u003eget_sset_count() fails\n\nIf ds-\u003eops-\u003eget_sset_count() fails then it \"count\" is a negative error\ncode such as -EOPNOTSUPP. Because \"i\" is an unsigned int, the negative\nerror code is type promoted to a very high value and the loop will\ncorrupt memory until the system crashes.\n\nFix this by checking for error codes and changing the type of \"i\" to\njust int.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47159",
"url": "https://www.suse.com/security/cve/CVE-2021-47159"
},
{
"category": "external",
"summary": "SUSE Bug 1221967 for CVE-2021-47159",
"url": "https://bugzilla.suse.com/1221967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47159"
},
{
"cve": "CVE-2021-47161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-dspi: Fix a resource leak in an error handling path\n\n\u0027dspi_request_dma()\u0027 should be undone by a \u0027dspi_release_dma()\u0027 call in the\nerror handling path of the probe function, as already done in the remove\nfunction",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47161",
"url": "https://www.suse.com/security/cve/CVE-2021-47161"
},
{
"category": "external",
"summary": "SUSE Bug 1221966 for CVE-2021-47161",
"url": "https://bugzilla.suse.com/1221966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47161"
},
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: fix shutdown crash when component not probed\n\nWhen main component is not probed, by example when the dw-hdmi module is\nnot loaded yet or in probe defer, the following crash appears on shutdown:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\n...\npc : meson_drv_shutdown+0x24/0x50\nlr : platform_drv_shutdown+0x20/0x30\n...\nCall trace:\nmeson_drv_shutdown+0x24/0x50\nplatform_drv_shutdown+0x20/0x30\ndevice_shutdown+0x158/0x360\nkernel_restart_prepare+0x38/0x48\nkernel_restart+0x18/0x68\n__do_sys_reboot+0x224/0x250\n__arm64_sys_reboot+0x24/0x30\n...\n\nSimply check if the priv struct has been allocated before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47165",
"url": "https://www.suse.com/security/cve/CVE-2021-47165"
},
{
"category": "external",
"summary": "SUSE Bug 1221965 for CVE-2021-47165",
"url": "https://bugzilla.suse.com/1221965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47165"
},
{
"cve": "CVE-2021-47166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47166"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Don\u0027t corrupt the value of pg_bytes_written in nfs_do_recoalesce()\n\nThe value of mirror-\u003epg_bytes_written should only be updated after a\nsuccessful attempt to flush out the requests on the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47166",
"url": "https://www.suse.com/security/cve/CVE-2021-47166"
},
{
"category": "external",
"summary": "SUSE Bug 1221998 for CVE-2021-47166",
"url": "https://bugzilla.suse.com/1221998"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47166",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47166"
},
{
"cve": "CVE-2021-47167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47167"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix an Oopsable condition in __nfs_pageio_add_request()\n\nEnsure that nfs_pageio_error_cleanup() resets the mirror array contents,\nso that the structure reflects the fact that it is now empty.\nAlso change the test in nfs_pageio_do_add_request() to be more robust by\nchecking whether or not the list is empty rather than relying on the\nvalue of pg_count.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47167",
"url": "https://www.suse.com/security/cve/CVE-2021-47167"
},
{
"category": "external",
"summary": "SUSE Bug 1221991 for CVE-2021-47167",
"url": "https://bugzilla.suse.com/1221991"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47167",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47167"
},
{
"cve": "CVE-2021-47168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47168"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix an incorrect limit in filelayout_decode_layout()\n\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption. It should be NFS_MAXFHSIZE because that\u0027s the size\nof the -\u003edata[] buffer.\n\nI reversed the size of the arguments to put the variable on the left.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47168",
"url": "https://www.suse.com/security/cve/CVE-2021-47168"
},
{
"category": "external",
"summary": "SUSE Bug 1222002 for CVE-2021-47168",
"url": "https://bugzilla.suse.com/1222002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47168"
},
{
"cve": "CVE-2021-47169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47169"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: rp2: use \u0027request_firmware\u0027 instead of \u0027request_firmware_nowait\u0027\n\nIn \u0027rp2_probe\u0027, the driver registers \u0027rp2_uart_interrupt\u0027 then calls\n\u0027rp2_fw_cb\u0027 through \u0027request_firmware_nowait\u0027. In \u0027rp2_fw_cb\u0027, if the\nfirmware don\u0027t exists, function just return without initializing ports\nof \u0027rp2_card\u0027. But now the interrupt handler function has been\nregistered, and when an interrupt comes, \u0027rp2_uart_interrupt\u0027 may access\nthose ports then causing NULL pointer dereference or other bugs.\n\nBecause the driver does some initialization work in \u0027rp2_fw_cb\u0027, in\norder to make the driver ready to handle interrupts, \u0027request_firmware\u0027\nshould be used instead of asynchronous \u0027request_firmware_nowait\u0027.\n\nThis report reveals it:\n\nINFO: trying to register non-static key.\nthe code is fine but needs lockdep annotation.\nturning off the locking correctness validator.\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xec/0x156 lib/dump_stack.c:118\n assign_lock_key kernel/locking/lockdep.c:727 [inline]\n register_lock_class+0x14e5/0x1ba0 kernel/locking/lockdep.c:753\n __lock_acquire+0x187/0x3750 kernel/locking/lockdep.c:3303\n lock_acquire+0x124/0x340 kernel/locking/lockdep.c:3907\n __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]\n _raw_spin_lock+0x32/0x50 kernel/locking/spinlock.c:144\n spin_lock include/linux/spinlock.h:329 [inline]\n rp2_ch_interrupt drivers/tty/serial/rp2.c:466 [inline]\n rp2_asic_interrupt.isra.9+0x15d/0x990 drivers/tty/serial/rp2.c:493\n rp2_uart_interrupt+0x49/0xe0 drivers/tty/serial/rp2.c:504\n __handle_irq_event_percpu+0xfb/0x770 kernel/irq/handle.c:149\n handle_irq_event_percpu+0x79/0x150 kernel/irq/handle.c:189\n handle_irq_event+0xac/0x140 kernel/irq/handle.c:206\n handle_fasteoi_irq+0x232/0x5c0 kernel/irq/chip.c:725\n generic_handle_irq_desc include/linux/irqdesc.h:155 [inline]\n handle_irq+0x230/0x3a0 arch/x86/kernel/irq_64.c:87\n do_IRQ+0xa7/0x1e0 arch/x86/kernel/irq.c:247\n common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:670\n \u003c/IRQ\u003e\nRIP: 0010:native_safe_halt+0x28/0x30 arch/x86/include/asm/irqflags.h:61\nCode: 00 00 55 be 04 00 00 00 48 c7 c7 00 c2 2f 8c 48 89 e5 e8 fb 31 e7 f8\n8b 05 75 af 8d 03 85 c0 7e 07 0f 00 2d 8a 61 65 00 fb f4 \u003c5d\u003e c3 90 90 90\n90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41\nRSP: 0018:ffff88806b71fcc8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffde\nRAX: 0000000000000000 RBX: ffffffff8bde7e48 RCX: ffffffff88a21285\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8c2fc200\nRBP: ffff88806b71fcc8 R08: fffffbfff185f840 R09: fffffbfff185f840\nR10: 0000000000000001 R11: fffffbfff185f840 R12: 0000000000000002\nR13: ffffffff8bea18a0 R14: 0000000000000000 R15: 0000000000000000\n arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline]\n default_idle+0x6f/0x360 arch/x86/kernel/process.c:557\n arch_cpu_idle+0xf/0x20 arch/x86/kernel/process.c:548\n default_idle_call+0x3b/0x60 kernel/sched/idle.c:93\n cpuidle_idle_call kernel/sched/idle.c:153 [inline]\n do_idle+0x2ab/0x3c0 kernel/sched/idle.c:263\n cpu_startup_entry+0xcb/0xe0 kernel/sched/idle.c:369\n start_secondary+0x3b8/0x4e0 arch/x86/kernel/smpboot.c:271\n secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243\nBUG: unable to handle kernel NULL pointer dereference at 0000000000000010\nPGD 8000000056d27067 P4D 8000000056d27067 PUD 56d28067 PMD 0\nOops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nRIP: 0010:readl arch/x86/include/asm/io.h:59 [inline]\nRIP: 0010:rp2_ch_interrupt drivers/tty/serial/rp2.c:472 [inline]\nRIP: 0010:rp2_asic_interrupt.isra.9+0x181/0x990 drivers/tty/serial/rp2.c:\n493\nCo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47169",
"url": "https://www.suse.com/security/cve/CVE-2021-47169"
},
{
"category": "external",
"summary": "SUSE Bug 1222000 for CVE-2021-47169",
"url": "https://bugzilla.suse.com/1222000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47169"
},
{
"cve": "CVE-2021-47171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47171",
"url": "https://www.suse.com/security/cve/CVE-2021-47171"
},
{
"category": "external",
"summary": "SUSE Bug 1221994 for CVE-2021-47171",
"url": "https://bugzilla.suse.com/1221994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/uss720: fix memory leak in uss720_probe\n\nuss720_probe forgets to decrease the refcount of usbdev in uss720_probe.\nFix this by decreasing the refcount of usbdev by usb_put_dev.\n\nBUG: memory leak\nunreferenced object 0xffff888101113800 (size 2048):\n comm \"kworker/0:1\", pid 7, jiffies 4294956777 (age 28.870s)\n hex dump (first 32 bytes):\n ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1...........\n 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................\n backtrace:\n [\u003cffffffff82b8e822\u003e] kmalloc include/linux/slab.h:554 [inline]\n [\u003cffffffff82b8e822\u003e] kzalloc include/linux/slab.h:684 [inline]\n [\u003cffffffff82b8e822\u003e] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582\n [\u003cffffffff82b98441\u003e] hub_port_connect drivers/usb/core/hub.c:5129 [inline]\n [\u003cffffffff82b98441\u003e] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]\n [\u003cffffffff82b98441\u003e] port_event drivers/usb/core/hub.c:5509 [inline]\n [\u003cffffffff82b98441\u003e] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591\n [\u003cffffffff81259229\u003e] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275\n [\u003cffffffff81259b19\u003e] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421\n [\u003cffffffff81261228\u003e] kthread+0x178/0x1b0 kernel/kthread.c:292\n [\u003cffffffff8100227f\u003e] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47173",
"url": "https://www.suse.com/security/cve/CVE-2021-47173"
},
{
"category": "external",
"summary": "SUSE Bug 1221993 for CVE-2021-47173",
"url": "https://bugzilla.suse.com/1221993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47173"
},
{
"cve": "CVE-2021-47177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix sysfs leak in alloc_iommu()\n\niommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent\nerrors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47177",
"url": "https://www.suse.com/security/cve/CVE-2021-47177"
},
{
"category": "external",
"summary": "SUSE Bug 1221997 for CVE-2021-47177",
"url": "https://bugzilla.suse.com/1221997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47177"
},
{
"cve": "CVE-2021-47179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()\n\nCommit de144ff4234f changes _pnfs_return_layout() to call\npnfs_mark_matching_lsegs_return() passing NULL as the struct\npnfs_layout_range argument. Unfortunately,\npnfs_mark_matching_lsegs_return() doesn\u0027t check if we have a value here\nbefore dereferencing it, causing an oops.\n\nI\u0027m able to hit this crash consistently when running connectathon basic\ntests on NFS v4.1/v4.2 against Ontap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47179",
"url": "https://www.suse.com/security/cve/CVE-2021-47179"
},
{
"category": "external",
"summary": "SUSE Bug 1222001 for CVE-2021-47179",
"url": "https://bugzilla.suse.com/1222001"
},
{
"category": "external",
"summary": "SUSE Bug 1224785 for CVE-2021-47179",
"url": "https://bugzilla.suse.com/1224785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47179"
},
{
"cve": "CVE-2021-47180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47180"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: fix memory leak in nci_allocate_device\n\nnfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev.\nFix this by freeing hci_dev in nci_free_device.\n\nBUG: memory leak\nunreferenced object 0xffff888111ea6800 (size 1024):\n comm \"kworker/1:0\", pid 19, jiffies 4294942308 (age 13.580s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 60 fd 0c 81 88 ff ff .........`......\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000004bc25d43\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c000000004bc25d43\u003e] kzalloc include/linux/slab.h:682 [inline]\n [\u003c000000004bc25d43\u003e] nci_hci_allocate+0x21/0xd0 net/nfc/nci/hci.c:784\n [\u003c00000000c59cff92\u003e] nci_allocate_device net/nfc/nci/core.c:1170 [inline]\n [\u003c00000000c59cff92\u003e] nci_allocate_device+0x10b/0x160 net/nfc/nci/core.c:1132\n [\u003c00000000006e0a8e\u003e] nfcmrvl_nci_register_dev+0x10a/0x1c0 drivers/nfc/nfcmrvl/main.c:153\n [\u003c000000004da1b57e\u003e] nfcmrvl_probe+0x223/0x290 drivers/nfc/nfcmrvl/usb.c:345\n [\u003c00000000d506aed9\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [\u003c00000000bc632c92\u003e] really_probe+0x159/0x4a0 drivers/base/dd.c:554\n [\u003c00000000f5009125\u003e] driver_probe_device+0x84/0x100 drivers/base/dd.c:740\n [\u003c000000000ce658ca\u003e] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846\n [\u003c000000007067d05f\u003e] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431\n [\u003c00000000f8e13372\u003e] __device_attach+0x122/0x250 drivers/base/dd.c:914\n [\u003c000000009cf68860\u003e] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491\n [\u003c00000000359c965a\u003e] device_add+0x5be/0xc30 drivers/base/core.c:3109\n [\u003c00000000086e4bd3\u003e] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164\n [\u003c00000000ca036872\u003e] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n [\u003c00000000d40d36f6\u003e] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293\n [\u003c00000000bc632c92\u003e] really_probe+0x159/0x4a0 drivers/base/dd.c:554",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47180",
"url": "https://www.suse.com/security/cve/CVE-2021-47180"
},
{
"category": "external",
"summary": "SUSE Bug 1221999 for CVE-2021-47180",
"url": "https://bugzilla.suse.com/1221999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47180"
},
{
"cve": "CVE-2021-47181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: tusb6010: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47181",
"url": "https://www.suse.com/security/cve/CVE-2021-47181"
},
{
"category": "external",
"summary": "SUSE Bug 1222660 for CVE-2021-47181",
"url": "https://bugzilla.suse.com/1222660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47181"
},
{
"cve": "CVE-2021-47182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47182"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix scsi_mode_sense() buffer length handling\n\nSeveral problems exist with scsi_mode_sense() buffer length handling:\n\n 1) The allocation length field of the MODE SENSE(10) command is 16-bits,\n occupying bytes 7 and 8 of the CDB. With this command, access to mode\n pages larger than 255 bytes is thus possible. However, the CDB\n allocation length field is set by assigning len to byte 8 only, thus\n truncating buffer length larger than 255.\n\n 2) If scsi_mode_sense() is called with len smaller than 8 with\n sdev-\u003euse_10_for_ms set, or smaller than 4 otherwise, the buffer length\n is increased to 8 and 4 respectively, and the buffer is zero filled\n with these increased values, thus corrupting the memory following the\n buffer.\n\nFix these 2 problems by using put_unaligned_be16() to set the allocation\nlength field of MODE SENSE(10) CDB and by returning an error when len is\ntoo small.\n\nFurthermore, if len is larger than 255B, always try MODE SENSE(10) first,\neven if the device driver did not set sdev-\u003euse_10_for_ms. In case of\ninvalid opcode error for MODE SENSE(10), access to mode pages larger than\n255 bytes are not retried using MODE SENSE(6). To avoid buffer length\noverflows for the MODE_SENSE(10) case, check that len is smaller than 65535\nbytes.\n\nWhile at it, also fix the folowing:\n\n * Use get_unaligned_be16() to retrieve the mode data length and block\n descriptor length fields of the mode sense reply header instead of using\n an open coded calculation.\n\n * Fix the kdoc dbd argument explanation: the DBD bit stands for Disable\n Block Descriptor, which is the opposite of what the dbd argument\n description was.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47182",
"url": "https://www.suse.com/security/cve/CVE-2021-47182"
},
{
"category": "external",
"summary": "SUSE Bug 1222662 for CVE-2021-47182",
"url": "https://bugzilla.suse.com/1222662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47182"
},
{
"cve": "CVE-2021-47183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix link down processing to address NULL pointer dereference\n\nIf an FC link down transition while PLOGIs are outstanding to fabric well\nknown addresses, outstanding ABTS requests may result in a NULL pointer\ndereference. Driver unload requests may hang with repeated \"2878\" log\nmessages.\n\nThe Link down processing results in ABTS requests for outstanding ELS\nrequests. The Abort WQEs are sent for the ELSs before the driver had set\nthe link state to down. Thus the driver is sending the Abort with the\nexpectation that an ABTS will be sent on the wire. The Abort request is\nstalled waiting for the link to come up. In some conditions the driver may\nauto-complete the ELSs thus if the link does come up, the Abort completions\nmay reference an invalid structure.\n\nFix by ensuring that Abort set the flag to avoid link traffic if issued due\nto conditions where the link failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47183",
"url": "https://www.suse.com/security/cve/CVE-2021-47183"
},
{
"category": "external",
"summary": "SUSE Bug 1222664 for CVE-2021-47183",
"url": "https://bugzilla.suse.com/1222664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47183"
},
{
"cve": "CVE-2021-47184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL ptr dereference on VSI filter sync\n\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that\u0027s causing a kernel oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47184",
"url": "https://www.suse.com/security/cve/CVE-2021-47184"
},
{
"category": "external",
"summary": "SUSE Bug 1222666 for CVE-2021-47184",
"url": "https://bugzilla.suse.com/1222666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47184"
},
{
"cve": "CVE-2021-47185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\n\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\n\n Workqueue: events_unbound flush_to_ldisc\n Call trace:\n dump_backtrace+0x0/0x1ec\n show_stack+0x24/0x30\n dump_stack+0xd0/0x128\n panic+0x15c/0x374\n watchdog_timer_fn+0x2b8/0x304\n __run_hrtimer+0x88/0x2c0\n __hrtimer_run_queues+0xa4/0x120\n hrtimer_interrupt+0xfc/0x270\n arch_timer_handler_phys+0x40/0x50\n handle_percpu_devid_irq+0x94/0x220\n __handle_domain_irq+0x88/0xf0\n gic_handle_irq+0x84/0xfc\n el1_irq+0xc8/0x180\n slip_unesc+0x80/0x214 [slip]\n tty_ldisc_receive_buf+0x64/0x80\n tty_port_default_receive_buf+0x50/0x90\n flush_to_ldisc+0xbc/0x110\n process_one_work+0x1d4/0x4b0\n worker_thread+0x180/0x430\n kthread+0x11c/0x120\n\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47185",
"url": "https://www.suse.com/security/cve/CVE-2021-47185"
},
{
"category": "external",
"summary": "SUSE Bug 1222669 for CVE-2021-47185",
"url": "https://bugzilla.suse.com/1222669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47185"
},
{
"cve": "CVE-2021-47188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Improve SCSI abort handling\n\nThe following has been observed on a test setup:\n\nWARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c\nCall trace:\n ufshcd_queuecommand+0x468/0x65c\n scsi_send_eh_cmnd+0x224/0x6a0\n scsi_eh_test_devices+0x248/0x418\n scsi_eh_ready_devs+0xc34/0xe58\n scsi_error_handler+0x204/0x80c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nThat warning is triggered by the following statement:\n\n\tWARN_ON(lrbp-\u003ecmd);\n\nFix this warning by clearing lrbp-\u003ecmd from the abort handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47188",
"url": "https://www.suse.com/security/cve/CVE-2021-47188"
},
{
"category": "external",
"summary": "SUSE Bug 1222671 for CVE-2021-47188",
"url": "https://bugzilla.suse.com/1222671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47189"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix memory ordering between normal and ordered work functions\n\nOrdered work functions aren\u0027t guaranteed to be handled by the same thread\nwhich executed the normal work functions. The only way execution between\nnormal/ordered functions is synchronized is via the WORK_DONE_BIT,\nunfortunately the used bitops don\u0027t guarantee any ordering whatsoever.\n\nThis manifested as seemingly inexplicable crashes on ARM64, where\nasync_chunk::inode is seen as non-null in async_cow_submit which causes\nsubmit_compressed_extents to be called and crash occurs because\nasync_chunk::inode suddenly became NULL. The call trace was similar to:\n\n pc : submit_compressed_extents+0x38/0x3d0\n lr : async_cow_submit+0x50/0xd0\n sp : ffff800015d4bc20\n\n \u003cregisters omitted for brevity\u003e\n\n Call trace:\n submit_compressed_extents+0x38/0x3d0\n async_cow_submit+0x50/0xd0\n run_ordered_work+0xc8/0x280\n btrfs_work_helper+0x98/0x250\n process_one_work+0x1f0/0x4ac\n worker_thread+0x188/0x504\n kthread+0x110/0x114\n ret_from_fork+0x10/0x18\n\nFix this by adding respective barrier calls which ensure that all\naccesses preceding setting of WORK_DONE_BIT are strictly ordered before\nsetting the flag. At the same time add a read barrier after reading of\nWORK_DONE_BIT in run_ordered_work which ensures all subsequent loads\nwould be strictly ordered after reading the bit. This in turn ensures\nare all accesses before WORK_DONE_BIT are going to be strictly ordered\nbefore any access that can occur in ordered_func.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47189",
"url": "https://www.suse.com/security/cve/CVE-2021-47189"
},
{
"category": "external",
"summary": "SUSE Bug 1222706 for CVE-2021-47189",
"url": "https://bugzilla.suse.com/1222706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47189"
},
{
"cve": "CVE-2021-47198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine\n\nAn error is detected with the following report when unloading the driver:\n \"KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b\"\n\nThe NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg_fab_ctrl_node(), but the\nflag is not cleared upon completion of the login.\n\nThis allows a second call to lpfc_unreg_rpi() to proceed with nlp_rpi set\nto LPFC_RPI_ALLOW_ERROR. This results in a use after free access when used\nas an rpi_ids array index.\n\nFix by clearing the NLP_REG_LOGIN_SEND nlp_flag in\nlpfc_mbx_cmpl_fc_reg_login().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47198",
"url": "https://www.suse.com/security/cve/CVE-2021-47198"
},
{
"category": "external",
"summary": "SUSE Bug 1222883 for CVE-2021-47198",
"url": "https://bugzilla.suse.com/1222883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47198"
},
{
"cve": "CVE-2021-47202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: Fix NULL pointer dereferences in of_thermal_ functions\n\nof_parse_thermal_zones() parses the thermal-zones node and registers a\nthermal_zone device for each subnode. However, if a thermal zone is\nconsuming a thermal sensor and that thermal sensor device hasn\u0027t probed\nyet, an attempt to set trip_point_*_temp for that thermal zone device\ncan cause a NULL pointer dereference. Fix it.\n\n console:/sys/class/thermal/thermal_zone87 # echo 120000 \u003e trip_point_0_temp\n ...\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ...\n Call trace:\n of_thermal_set_trip_temp+0x40/0xc4\n trip_point_temp_store+0xc0/0x1dc\n dev_attr_store+0x38/0x88\n sysfs_kf_write+0x64/0xc0\n kernfs_fop_write_iter+0x108/0x1d0\n vfs_write+0x2f4/0x368\n ksys_write+0x7c/0xec\n __arm64_sys_write+0x20/0x30\n el0_svc_common.llvm.7279915941325364641+0xbc/0x1bc\n do_el0_svc+0x28/0xa0\n el0_svc+0x14/0x24\n el0_sync_handler+0x88/0xec\n el0_sync+0x1c0/0x200\n\nWhile at it, fix the possible NULL pointer dereference in other\nfunctions as well: of_thermal_get_temp(), of_thermal_set_emul_temp(),\nof_thermal_get_trend().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47202",
"url": "https://www.suse.com/security/cve/CVE-2021-47202"
},
{
"category": "external",
"summary": "SUSE Bug 1222878 for CVE-2021-47202",
"url": "https://bugzilla.suse.com/1222878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47202"
},
{
"cve": "CVE-2021-47203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47203"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()\n\nWhen parsing the txq list in lpfc_drain_txq(), the driver attempts to pass\nthe requests to the adapter. If such an attempt fails, a local \"fail_msg\"\nstring is set and a log message output. The job is then added to a\ncompletions list for cancellation.\n\nProcessing of any further jobs from the txq list continues, but since\n\"fail_msg\" remains set, jobs are added to the completions list regardless\nof whether a wqe was passed to the adapter. If successfully added to\ntxcmplq, jobs are added to both lists resulting in list corruption.\n\nFix by clearing the fail_msg string after adding a job to the completions\nlist. This stops the subsequent jobs from being added to the completions\nlist unless they had an appropriate failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47203",
"url": "https://www.suse.com/security/cve/CVE-2021-47203"
},
{
"category": "external",
"summary": "SUSE Bug 1222881 for CVE-2021-47203",
"url": "https://bugzilla.suse.com/1222881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47203"
},
{
"cve": "CVE-2021-47204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dpaa2-eth: fix use-after-free in dpaa2_eth_remove\n\nAccess to netdev after free_netdev() will cause use-after-free bug.\nMove debug log before free_netdev() call to avoid it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47204",
"url": "https://www.suse.com/security/cve/CVE-2021-47204"
},
{
"category": "external",
"summary": "SUSE Bug 1222787 for CVE-2021-47204",
"url": "https://bugzilla.suse.com/1222787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47204"
},
{
"cve": "CVE-2021-47205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: Unregister clocks/resets when unbinding\n\nCurrently, unbinding a CCU driver unmaps the device\u0027s MMIO region, while\nleaving its clocks/resets and their providers registered. This can cause\na page fault later when some clock operation tries to perform MMIO. Fix\nthis by separating the CCU initialization from the memory allocation,\nand then using a devres callback to unregister the clocks and resets.\n\nThis also fixes a memory leak of the `struct ccu_reset`, and uses the\ncorrect owner (the specific platform driver) for the clocks and resets.\n\nEarly OF clock providers are never unregistered, and limited error\nhandling is possible, so they are mostly unchanged. The error reporting\nis made more consistent by moving the message inside of_sunxi_ccu_probe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47205",
"url": "https://www.suse.com/security/cve/CVE-2021-47205"
},
{
"category": "external",
"summary": "SUSE Bug 1222888 for CVE-2021-47205",
"url": "https://bugzilla.suse.com/1222888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47205"
},
{
"cve": "CVE-2021-47207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47207"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: gus: fix null pointer dereference on pointer block\n\nThe pointer block return from snd_gf1_dma_next_block could be\nnull, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47207",
"url": "https://www.suse.com/security/cve/CVE-2021-47207"
},
{
"category": "external",
"summary": "SUSE Bug 1222790 for CVE-2021-47207",
"url": "https://bugzilla.suse.com/1222790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47207"
},
{
"cve": "CVE-2021-47211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47211"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: fix null pointer dereference on pointer cs_desc\n\nThe pointer cs_desc return from snd_usb_find_clock_source could\nbe null, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47211",
"url": "https://www.suse.com/security/cve/CVE-2021-47211"
},
{
"category": "external",
"summary": "SUSE Bug 1222869 for CVE-2021-47211",
"url": "https://bugzilla.suse.com/1222869"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47211"
},
{
"cve": "CVE-2021-47216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: advansys: Fix kernel pointer leak\n\nPointers should be printed with %p or %px rather than cast to \u0027unsigned\nlong\u0027 and printed with %lx.\n\nChange %lx to %p to print the hashed pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47216",
"url": "https://www.suse.com/security/cve/CVE-2021-47216"
},
{
"category": "external",
"summary": "SUSE Bug 1222876 for CVE-2021-47216",
"url": "https://bugzilla.suse.com/1222876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47216"
},
{
"cve": "CVE-2021-47217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47217"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails\n\nCheck for a valid hv_vp_index array prior to derefencing hv_vp_index when\nsetting Hyper-V\u0027s TSC change callback. If Hyper-V setup failed in\nhyperv_init(), the kernel will still report that it\u0027s running under\nHyper-V, but will have silently disabled nearly all functionality.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 4 PID: 1 Comm: swapper/0 Not tainted 5.15.0-rc2+ #75\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:set_hv_tscchange_cb+0x15/0xa0\n Code: \u003c8b\u003e 04 82 8b 15 12 17 85 01 48 c1 e0 20 48 0d ee 00 01 00 f6 c6 08\n ...\n Call Trace:\n kvm_arch_init+0x17c/0x280\n kvm_init+0x31/0x330\n vmx_init+0xba/0x13a\n do_one_initcall+0x41/0x1c0\n kernel_init_freeable+0x1f2/0x23b\n kernel_init+0x16/0x120\n ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47217",
"url": "https://www.suse.com/security/cve/CVE-2021-47217"
},
{
"category": "external",
"summary": "SUSE Bug 1222836 for CVE-2021-47217",
"url": "https://bugzilla.suse.com/1222836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47217"
},
{
"cve": "CVE-2022-0487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0487"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0487",
"url": "https://www.suse.com/security/cve/CVE-2022-0487"
},
{
"category": "external",
"summary": "SUSE Bug 1194516 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1194516"
},
{
"category": "external",
"summary": "SUSE Bug 1195949 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1195949"
},
{
"category": "external",
"summary": "SUSE Bug 1198615 for CVE-2022-0487",
"url": "https://bugzilla.suse.com/1198615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2022-0487"
},
{
"cve": "CVE-2022-48619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48619"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48619",
"url": "https://www.suse.com/security/cve/CVE-2022-48619"
},
{
"category": "external",
"summary": "SUSE Bug 1218220 for CVE-2022-48619",
"url": "https://bugzilla.suse.com/1218220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48619"
},
{
"cve": "CVE-2022-48626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48626"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmoxart: fix potential use-after-free on remove path\n\nIt was reported that the mmc host structure could be accessed after it\nwas freed in moxart_remove(), so fix this by saving the base register of\nthe device and using it instead of the pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48626",
"url": "https://www.suse.com/security/cve/CVE-2022-48626"
},
{
"category": "external",
"summary": "SUSE Bug 1220366 for CVE-2022-48626",
"url": "https://bugzilla.suse.com/1220366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48626"
},
{
"cve": "CVE-2022-48636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu-\u003elock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu-\u003elock held.\n\nFix by checking the pavgroup pointer with lcu-\u003elock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48636",
"url": "https://www.suse.com/security/cve/CVE-2022-48636"
},
{
"category": "external",
"summary": "SUSE Bug 1223512 for CVE-2022-48636",
"url": "https://bugzilla.suse.com/1223512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48636"
},
{
"cve": "CVE-2022-48650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()\n\nCommit 8f394da36a36 (\"scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG\")\nmade the __qlt_24xx_handle_abts() function return early if\ntcm_qla2xxx_find_cmd_by_tag() didn\u0027t find a command, but it missed to clean\nup the allocated memory for the management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48650",
"url": "https://www.suse.com/security/cve/CVE-2022-48650"
},
{
"category": "external",
"summary": "SUSE Bug 1223509 for CVE-2022-48650",
"url": "https://bugzilla.suse.com/1223509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48650"
},
{
"cve": "CVE-2022-48651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48651",
"url": "https://www.suse.com/security/cve/CVE-2022-48651"
},
{
"category": "external",
"summary": "SUSE Bug 1223513 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "external",
"summary": "SUSE Bug 1223514 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2022-48651"
},
{
"cve": "CVE-2022-48667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in insert range\n\ninsert range doesn\u0027t discard the affected cached region\nso can risk temporarily corrupting file data.\n\nAlso includes some minor cleanup (avoiding rereading\ninode size repeatedly unnecessarily) to make it clearer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48667",
"url": "https://www.suse.com/security/cve/CVE-2022-48667"
},
{
"category": "external",
"summary": "SUSE Bug 1223518 for CVE-2022-48667",
"url": "https://bugzilla.suse.com/1223518"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48667"
},
{
"cve": "CVE-2022-48668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in collapse range\n\ncollapse range doesn\u0027t discard the affected cached region\nso can risk temporarily corrupting the file data. This\nfixes xfstest generic/031\n\nI also decided to merge a minor cleanup to this into the same patch\n(avoiding rereading inode size repeatedly unnecessarily) to make it\nclearer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48668",
"url": "https://www.suse.com/security/cve/CVE-2022-48668"
},
{
"category": "external",
"summary": "SUSE Bug 1223516 for CVE-2022-48668",
"url": "https://bugzilla.suse.com/1223516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48668"
},
{
"cve": "CVE-2022-48672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: fdt: fix off-by-one error in unflatten_dt_nodes()\n\nCommit 78c44d910d3e (\"drivers/of: Fix depth when unflattening devicetree\")\nforgot to fix up the depth check in the loop body in unflatten_dt_nodes()\nwhich makes it possible to overflow the nps[] buffer...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48672",
"url": "https://www.suse.com/security/cve/CVE-2022-48672"
},
{
"category": "external",
"summary": "SUSE Bug 1223931 for CVE-2022-48672",
"url": "https://bugzilla.suse.com/1223931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48672"
},
{
"cve": "CVE-2022-48687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix out-of-bounds read when setting HMAC data.\n\nThe SRv6 layer allows defining HMAC data that can later be used to sign IPv6\nSegment Routing Headers. This configuration is realised via netlink through\nfour attributes: SEG6_ATTR_HMACKEYID, SEG6_ATTR_SECRET, SEG6_ATTR_SECRETLEN and\nSEG6_ATTR_ALGID. Because the SECRETLEN attribute is decoupled from the actual\nlength of the SECRET attribute, it is possible to provide invalid combinations\n(e.g., secret = \"\", secretlen = 64). This case is not checked in the code and\nwith an appropriately crafted netlink message, an out-of-bounds read of up\nto 64 bytes (max secret length) can occur past the skb end pointer and into\nskb_shared_info:\n\nBreakpoint 1, seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n208\t\tmemcpy(hinfo-\u003esecret, secret, slen);\n(gdb) bt\n #0 seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n #1 0xffffffff81e012e9 in genl_family_rcv_msg_doit (skb=skb@entry=0xffff88800b1f9f00, nlh=nlh@entry=0xffff88800b1b7600,\n extack=extack@entry=0xffffc90000ba7af0, ops=ops@entry=0xffffc90000ba7a80, hdrlen=4, net=0xffffffff84237580 \u003cinit_net\u003e, family=\u003coptimized out\u003e,\n family=\u003coptimized out\u003e) at net/netlink/genetlink.c:731\n #2 0xffffffff81e01435 in genl_family_rcv_msg (extack=0xffffc90000ba7af0, nlh=0xffff88800b1b7600, skb=0xffff88800b1f9f00,\n family=0xffffffff82fef6c0 \u003cseg6_genl_family\u003e) at net/netlink/genetlink.c:775\n #3 genl_rcv_msg (skb=0xffff88800b1f9f00, nlh=0xffff88800b1b7600, extack=0xffffc90000ba7af0) at net/netlink/genetlink.c:792\n #4 0xffffffff81dfffc3 in netlink_rcv_skb (skb=skb@entry=0xffff88800b1f9f00, cb=cb@entry=0xffffffff81e01350 \u003cgenl_rcv_msg\u003e)\n at net/netlink/af_netlink.c:2501\n #5 0xffffffff81e00919 in genl_rcv (skb=0xffff88800b1f9f00) at net/netlink/genetlink.c:803\n #6 0xffffffff81dff6ae in netlink_unicast_kernel (ssk=0xffff888010eec800, skb=0xffff88800b1f9f00, sk=0xffff888004aed000)\n at net/netlink/af_netlink.c:1319\n #7 netlink_unicast (ssk=ssk@entry=0xffff888010eec800, skb=skb@entry=0xffff88800b1f9f00, portid=portid@entry=0, nonblock=\u003coptimized out\u003e)\n at net/netlink/af_netlink.c:1345\n #8 0xffffffff81dff9a4 in netlink_sendmsg (sock=\u003coptimized out\u003e, msg=0xffffc90000ba7e48, len=\u003coptimized out\u003e) at net/netlink/af_netlink.c:1921\n...\n(gdb) p/x ((struct sk_buff *)0xffff88800b1f9f00)-\u003ehead + ((struct sk_buff *)0xffff88800b1f9f00)-\u003eend\n$1 = 0xffff88800b1b76c0\n(gdb) p/x secret\n$2 = 0xffff88800b1b76c0\n(gdb) p slen\n$3 = 64 \u0027@\u0027\n\nThe OOB data can then be read back from userspace by dumping HMAC state. This\ncommit fixes this by ensuring SECRETLEN cannot exceed the actual length of\nSECRET.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48687",
"url": "https://www.suse.com/security/cve/CVE-2022-48687"
},
{
"category": "external",
"summary": "SUSE Bug 1223952 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "external",
"summary": "SUSE Bug 1224043 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1224043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2022-48687"
},
{
"cve": "CVE-2022-48688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix kernel crash during module removal\n\nThe driver incorrectly frees client instance and subsequent\ni40e module removal leads to kernel crash.\n\nReproducer:\n1. Do ethtool offline test followed immediately by another one\nhost# ethtool -t eth0 offline; ethtool -t eth0 offline\n2. Remove recursively irdma module that also removes i40e module\nhost# modprobe -r irdma\n\nResult:\n[ 8675.035651] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.193774] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.201316] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.358921] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.496921] i40e 0000:3d:00.0: IRDMA hardware initialization FAILED init_state=2 status=-110\n[ 8686.188955] i40e 0000:3d:00.1: i40e_ptp_stop: removed PHC on eno2\n[ 8686.943890] i40e 0000:3d:00.1: Deleted LAN device PF1 bus=0x3d dev=0x00 func=0x01\n[ 8686.952669] i40e 0000:3d:00.0: i40e_ptp_stop: removed PHC on eno1\n[ 8687.761787] BUG: kernel NULL pointer dereference, address: 0000000000000030\n[ 8687.768755] #PF: supervisor read access in kernel mode\n[ 8687.773895] #PF: error_code(0x0000) - not-present page\n[ 8687.779034] PGD 0 P4D 0\n[ 8687.781575] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 8687.785935] CPU: 51 PID: 172891 Comm: rmmod Kdump: loaded Tainted: G W I 5.19.0+ #2\n[ 8687.794800] Hardware name: Intel Corporation S2600WFD/S2600WFD, BIOS SE5C620.86B.0X.02.0001.051420190324 05/14/2019\n[ 8687.805222] RIP: 0010:i40e_lan_del_device+0x13/0xb0 [i40e]\n[ 8687.810719] Code: d4 84 c0 0f 84 b8 25 01 00 e9 9c 25 01 00 41 bc f4 ff ff ff eb 91 90 0f 1f 44 00 00 41 54 55 53 48 8b 87 58 08 00 00 48 89 fb \u003c48\u003e 8b 68 30 48 89 ef e8 21 8a 0f d5 48 89 ef e8 a9 78 0f d5 48 8b\n[ 8687.829462] RSP: 0018:ffffa604072efce0 EFLAGS: 00010202\n[ 8687.834689] RAX: 0000000000000000 RBX: ffff8f43833b2000 RCX: 0000000000000000\n[ 8687.841821] RDX: 0000000000000000 RSI: ffff8f4b0545b298 RDI: ffff8f43833b2000\n[ 8687.848955] RBP: ffff8f43833b2000 R08: 0000000000000001 R09: 0000000000000000\n[ 8687.856086] R10: 0000000000000000 R11: 000ffffffffff000 R12: ffff8f43833b2ef0\n[ 8687.863218] R13: ffff8f43833b2ef0 R14: ffff915103966000 R15: ffff8f43833b2008\n[ 8687.870342] FS: 00007f79501c3740(0000) GS:ffff8f4adffc0000(0000) knlGS:0000000000000000\n[ 8687.878427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8687.884174] CR2: 0000000000000030 CR3: 000000014276e004 CR4: 00000000007706e0\n[ 8687.891306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 8687.898441] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 8687.905572] PKRU: 55555554\n[ 8687.908286] Call Trace:\n[ 8687.910737] \u003cTASK\u003e\n[ 8687.912843] i40e_remove+0x2c0/0x330 [i40e]\n[ 8687.917040] pci_device_remove+0x33/0xa0\n[ 8687.920962] device_release_driver_internal+0x1aa/0x230\n[ 8687.926188] driver_detach+0x44/0x90\n[ 8687.929770] bus_remove_driver+0x55/0xe0\n[ 8687.933693] pci_unregister_driver+0x2a/0xb0\n[ 8687.937967] i40e_exit_module+0xc/0xf48 [i40e]\n\nTwo offline tests cause IRDMA driver failure (ETIMEDOUT) and this\nfailure is indicated back to i40e_client_subtask() that calls\ni40e_client_del_instance() to free client instance referenced\nby pf-\u003ecinst and sets this pointer to NULL. During the module\nremoval i40e_remove() calls i40e_lan_del_device() that dereferences\npf-\u003ecinst that is NULL -\u003e crash.\nDo not remove client instance when client open callbacks fails and\njust clear __I40E_CLIENT_INSTANCE_OPENED bit. The driver also needs\nto take care about this situation (when netdev is up and client\nis NOT opened) in i40e_notify_client_of_netdev_close() and\ncalls client close callback only when __I40E_CLIENT_INSTANCE_OPENED\nis set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48688",
"url": "https://www.suse.com/security/cve/CVE-2022-48688"
},
{
"category": "external",
"summary": "SUSE Bug 1223953 for CVE-2022-48688",
"url": "https://bugzilla.suse.com/1223953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48688"
},
{
"cve": "CVE-2022-48695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix use-after-free warning\n\nFix the following use-after-free warning which is observed during\ncontroller reset:\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48695",
"url": "https://www.suse.com/security/cve/CVE-2022-48695"
},
{
"category": "external",
"summary": "SUSE Bug 1223941 for CVE-2022-48695",
"url": "https://bugzilla.suse.com/1223941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48695"
},
{
"cve": "CVE-2022-48701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()\n\nThere may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and\nthe number of it\u0027s interfaces less than 4, an out-of-bounds read bug occurs\nwhen parsing the interface descriptor for this device.\n\nFix this by checking the number of interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48701",
"url": "https://www.suse.com/security/cve/CVE-2022-48701"
},
{
"category": "external",
"summary": "SUSE Bug 1223921 for CVE-2022-48701",
"url": "https://bugzilla.suse.com/1223921"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "low"
}
],
"title": "CVE-2022-48701"
},
{
"cve": "CVE-2022-48702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()\n\nThe voice allocator sometimes begins allocating from near the end of the\narray and then wraps around, however snd_emu10k1_pcm_channel_alloc()\naccesses the newly allocated voices as if it never wrapped around.\n\nThis results in out of bounds access if the first voice has a high enough\nindex so that first_voice + requested_voice_count \u003e NUM_G (64).\nThe more voices are requested, the more likely it is for this to occur.\n\nThis was initially discovered using PipeWire, however it can be reproduced\nby calling aplay multiple times with 16 channels:\naplay -r 48000 -D plughw:CARD=Live,DEV=3 -c 16 /dev/zero\n\nUBSAN: array-index-out-of-bounds in sound/pci/emu10k1/emupcm.c:127:40\nindex 65 is out of range for type \u0027snd_emu10k1_voice [64]\u0027\nCPU: 1 PID: 31977 Comm: aplay Tainted: G W IOE 6.0.0-rc2-emu10k1+ #7\nHardware name: ASUSTEK COMPUTER INC P5W DH Deluxe/P5W DH Deluxe, BIOS 3002 07/22/2010\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x49/0x63\ndump_stack+0x10/0x16\nubsan_epilogue+0x9/0x3f\n__ubsan_handle_out_of_bounds.cold+0x44/0x49\nsnd_emu10k1_playback_hw_params+0x3bc/0x420 [snd_emu10k1]\nsnd_pcm_hw_params+0x29f/0x600 [snd_pcm]\nsnd_pcm_common_ioctl+0x188/0x1410 [snd_pcm]\n? exit_to_user_mode_prepare+0x35/0x170\n? do_syscall_64+0x69/0x90\n? syscall_exit_to_user_mode+0x26/0x50\n? do_syscall_64+0x69/0x90\n? exit_to_user_mode_prepare+0x35/0x170\nsnd_pcm_ioctl+0x27/0x40 [snd_pcm]\n__x64_sys_ioctl+0x95/0xd0\ndo_syscall_64+0x5c/0x90\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48702",
"url": "https://www.suse.com/security/cve/CVE-2022-48702"
},
{
"category": "external",
"summary": "SUSE Bug 1223923 for CVE-2022-48702",
"url": "https://bugzilla.suse.com/1223923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48702"
},
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-28746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28746"
}
],
"notes": [
{
"category": "general",
"text": "Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28746",
"url": "https://www.suse.com/security/cve/CVE-2023-28746"
},
{
"category": "external",
"summary": "SUSE Bug 1213456 for CVE-2023-28746",
"url": "https://bugzilla.suse.com/1213456"
},
{
"category": "external",
"summary": "SUSE Bug 1221323 for CVE-2023-28746",
"url": "https://bugzilla.suse.com/1221323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-28746"
},
{
"cve": "CVE-2023-35827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-35827"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-35827",
"url": "https://www.suse.com/security/cve/CVE-2023-35827"
},
{
"category": "external",
"summary": "SUSE Bug 1212514 for CVE-2023-35827",
"url": "https://bugzilla.suse.com/1212514"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-35827",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-35827",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-35827"
},
{
"cve": "CVE-2023-4881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4881"
}
],
"notes": [
{
"category": "general",
"text": "CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4881",
"url": "https://www.suse.com/security/cve/CVE-2023-4881"
},
{
"category": "external",
"summary": "SUSE Bug 1215221 for CVE-2023-4881",
"url": "https://bugzilla.suse.com/1215221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-4881"
},
{
"cve": "CVE-2023-52454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length\n\nIf the host sends an H2CData command with an invalid DATAL,\nthe kernel may crash in nvmet_tcp_build_pdu_iovec().\n\nUnable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\nlr : nvmet_tcp_io_work+0x6ac/0x718 [nvmet_tcp]\nCall trace:\n process_one_work+0x174/0x3c8\n worker_thread+0x2d0/0x3e8\n kthread+0x104/0x110\n\nFix the bug by raising a fatal error if DATAL isn\u0027t coherent\nwith the packet size.\nAlso, the PDU length should never exceed the MAXH2CDATA parameter which\nhas been communicated to the host in nvmet_tcp_handle_icreq().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52454",
"url": "https://www.suse.com/security/cve/CVE-2023-52454"
},
{
"category": "external",
"summary": "SUSE Bug 1220320 for CVE-2023-52454",
"url": "https://bugzilla.suse.com/1220320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52454"
},
{
"cve": "CVE-2023-52469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/amd/pm: fix a use-after-free in kv_parse_power_table\n\nWhen ps allocated by kzalloc equals to NULL, kv_parse_power_table\nfrees adev-\u003epm.dpm.ps that allocated before. However, after the control\nflow goes through the following call chains:\n\nkv_parse_power_table\n |-\u003e kv_dpm_init\n |-\u003e kv_dpm_sw_init\n\t |-\u003e kv_dpm_fini\n\nThe adev-\u003epm.dpm.ps is used in the for loop of kv_dpm_fini after its\nfirst free in kv_parse_power_table and causes a use-after-free bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52469",
"url": "https://www.suse.com/security/cve/CVE-2023-52469"
},
{
"category": "external",
"summary": "SUSE Bug 1220411 for CVE-2023-52469",
"url": "https://bugzilla.suse.com/1220411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52469"
},
{
"cve": "CVE-2023-52470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\n\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52470",
"url": "https://www.suse.com/security/cve/CVE-2023-52470"
},
{
"category": "external",
"summary": "SUSE Bug 1220413 for CVE-2023-52470",
"url": "https://bugzilla.suse.com/1220413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52470"
},
{
"cve": "CVE-2023-52474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests\n\nhfi1 user SDMA request processing has two bugs that can cause data\ncorruption for user SDMA requests that have multiple payload iovecs\nwhere an iovec other than the tail iovec does not run up to the page\nboundary for the buffer pointed to by that iovec.a\n\nHere are the specific bugs:\n1. user_sdma_txadd() does not use struct user_sdma_iovec-\u003eiov.iov_len.\n Rather, user_sdma_txadd() will add up to PAGE_SIZE bytes from iovec\n to the packet, even if some of those bytes are past\n iovec-\u003eiov.iov_len and are thus not intended to be in the packet.\n2. user_sdma_txadd() and user_sdma_send_pkts() fail to advance to the\n next iovec in user_sdma_request-\u003eiovs when the current iovec\n is not PAGE_SIZE and does not contain enough data to complete the\n packet. The transmitted packet will contain the wrong data from the\n iovec pages.\n\nThis has not been an issue with SDMA packets from hfi1 Verbs or PSM2\nbecause they only produce iovecs that end short of PAGE_SIZE as the tail\niovec of an SDMA request.\n\nFixing these bugs exposes other bugs with the SDMA pin cache\n(struct mmu_rb_handler) that get in way of supporting user SDMA requests\nwith multiple payload iovecs whose buffers do not end at PAGE_SIZE. So\nthis commit fixes those issues as well.\n\nHere are the mmu_rb_handler bugs that non-PAGE_SIZE-end multi-iovec\npayload user SDMA requests can hit:\n1. Overlapping memory ranges in mmu_rb_handler will result in duplicate\n pinnings.\n2. When extending an existing mmu_rb_handler entry (struct mmu_rb_node),\n the mmu_rb code (1) removes the existing entry under a lock, (2)\n releases that lock, pins the new pages, (3) then reacquires the lock\n to insert the extended mmu_rb_node.\n\n If someone else comes in and inserts an overlapping entry between (2)\n and (3), insert in (3) will fail.\n\n The failure path code in this case unpins _all_ pages in either the\n original mmu_rb_node or the new mmu_rb_node that was inserted between\n (2) and (3).\n3. In hfi1_mmu_rb_remove_unless_exact(), mmu_rb_node-\u003erefcount is\n incremented outside of mmu_rb_handler-\u003elock. As a result, mmu_rb_node\n could be evicted by another thread that gets mmu_rb_handler-\u003elock and\n checks mmu_rb_node-\u003erefcount before mmu_rb_node-\u003erefcount is\n incremented.\n4. Related to #2 above, SDMA request submission failure path does not\n check mmu_rb_node-\u003erefcount before freeing mmu_rb_node object.\n\n If there are other SDMA requests in progress whose iovecs have\n pointers to the now-freed mmu_rb_node(s), those pointers to the\n now-freed mmu_rb nodes will be dereferenced when those SDMA requests\n complete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52474",
"url": "https://www.suse.com/security/cve/CVE-2023-52474"
},
{
"category": "external",
"summary": "SUSE Bug 1220445 for CVE-2023-52474",
"url": "https://bugzilla.suse.com/1220445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52474"
},
{
"cve": "CVE-2023-52476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/lbr: Filter vsyscall addresses\n\nWe found that a panic can occur when a vsyscall is made while LBR sampling\nis active. If the vsyscall is interrupted (NMI) for perf sampling, this\ncall sequence can occur (most recent at top):\n\n __insn_get_emulate_prefix()\n insn_get_emulate_prefix()\n insn_get_prefixes()\n insn_get_opcode()\n decode_branch_type()\n get_branch_type()\n intel_pmu_lbr_filter()\n intel_pmu_handle_irq()\n perf_event_nmi_handler()\n\nWithin __insn_get_emulate_prefix() at frame 0, a macro is called:\n\n peek_nbyte_next(insn_byte_t, insn, i)\n\nWithin this macro, this dereference occurs:\n\n (insn)-\u003enext_byte\n\nInspecting registers at this point, the value of the next_byte field is the\naddress of the vsyscall made, for example the location of the vsyscall\nversion of gettimeofday() at 0xffffffffff600000. The access to an address\nin the vsyscall region will trigger an oops due to an unhandled page fault.\n\nTo fix the bug, filtering for vsyscalls can be done when\ndetermining the branch type. This patch will return\na \"none\" branch if a kernel address if found to lie in the\nvsyscall region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52476",
"url": "https://www.suse.com/security/cve/CVE-2023-52476"
},
{
"category": "external",
"summary": "SUSE Bug 1220703 for CVE-2023-52476",
"url": "https://bugzilla.suse.com/1220703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52476"
},
{
"cve": "CVE-2023-52477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: hub: Guard against accesses to uninitialized BOS descriptors\n\nMany functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h\naccess fields inside udev-\u003ebos without checking if it was allocated and\ninitialized. If usb_get_bos_descriptor() fails for whatever\nreason, udev-\u003ebos will be NULL and those accesses will result in a\ncrash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000018\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 5 PID: 17818 Comm: kworker/5:1 Tainted: G W 5.15.108-18910-gab0e1cb584e1 #1 \u003cHASH:1f9e 1\u003e\nHardware name: Google Kindred/Kindred, BIOS Google_Kindred.12672.413.0 02/03/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:hub_port_reset+0x193/0x788\nCode: 89 f7 e8 20 f7 15 00 48 8b 43 08 80 b8 96 03 00 00 03 75 36 0f b7 88 92 03 00 00 81 f9 10 03 00 00 72 27 48 8b 80 a8 03 00 00 \u003c48\u003e 83 78 18 00 74 19 48 89 df 48 8b 75 b0 ba 02 00 00 00 4c 89 e9\nRSP: 0018:ffffab740c53fcf8 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffa1bc5f678000 RCX: 0000000000000310\nRDX: fffffffffffffdff RSI: 0000000000000286 RDI: ffffa1be9655b840\nRBP: ffffab740c53fd70 R08: 00001b7d5edaa20c R09: ffffffffb005e060\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: ffffab740c53fd3e R14: 0000000000000032 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffffa1be96540000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000018 CR3: 000000022e80c005 CR4: 00000000003706e0\nCall Trace:\nhub_event+0x73f/0x156e\n? hub_activate+0x5b7/0x68f\nprocess_one_work+0x1a2/0x487\nworker_thread+0x11a/0x288\nkthread+0x13a/0x152\n? process_one_work+0x487/0x487\n? kthread_associate_blkcg+0x70/0x70\nret_from_fork+0x1f/0x30\n\nFall back to a default behavior if the BOS descriptor isn\u0027t accessible\nand skip all the functionalities that depend on it: LPM support checks,\nSuper Speed capabilitiy checks, U1/U2 states setup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52477",
"url": "https://www.suse.com/security/cve/CVE-2023-52477"
},
{
"category": "external",
"summary": "SUSE Bug 1220790 for CVE-2023-52477",
"url": "https://bugzilla.suse.com/1220790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52477"
},
{
"cve": "CVE-2023-52486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52486"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Don\u0027t unref the same fb many times by mistake due to deadlock handling\n\nIf we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl()\nwe proceed to unref the fb and then retry the whole thing from the top.\nBut we forget to reset the fb pointer back to NULL, and so if we then\nget another error during the retry, before the fb lookup, we proceed\nthe unref the same fb again without having gotten another reference.\nThe end result is that the fb will (eventually) end up being freed\nwhile it\u0027s still in use.\n\nReset fb to NULL once we\u0027ve unreffed it to avoid doing it again\nuntil we\u0027ve done another fb lookup.\n\nThis turned out to be pretty easy to hit on a DG2 when doing async\nflips (and CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y). The first symptom I\nsaw that drm_closefb() simply got stuck in a busy loop while walking\nthe framebuffer list. Fortunately I was able to convince it to oops\ninstead, and from there it was easier to track down the culprit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52486",
"url": "https://www.suse.com/security/cve/CVE-2023-52486"
},
{
"category": "external",
"summary": "SUSE Bug 1221277 for CVE-2023-52486",
"url": "https://bugzilla.suse.com/1221277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52486"
},
{
"cve": "CVE-2023-52488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO\n\nThe SC16IS7XX IC supports a burst mode to access the FIFOs where the\ninitial register address is sent ($00), followed by all the FIFO data\nwithout having to resend the register address each time. In this mode, the\nIC doesn\u0027t increment the register address for each R/W byte.\n\nThe regmap_raw_read() and regmap_raw_write() are functions which can\nperform IO over multiple registers. They are currently used to read/write\nfrom/to the FIFO, and although they operate correctly in this burst mode on\nthe SPI bus, they would corrupt the regmap cache if it was not disabled\nmanually. The reason is that when the R/W size is more than 1 byte, these\nfunctions assume that the register address is incremented and handle the\ncache accordingly.\n\nConvert FIFO R/W functions to use the regmap _noinc_ versions in order to\nremove the manual cache control which was a workaround when using the\n_raw_ versions. FIFO registers are properly declared as volatile so\ncache will not be used/updated for FIFO accesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52488",
"url": "https://www.suse.com/security/cve/CVE-2023-52488"
},
{
"category": "external",
"summary": "SUSE Bug 1221162 for CVE-2023-52488",
"url": "https://bugzilla.suse.com/1221162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52488"
},
{
"cve": "CVE-2023-52509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nravb: Fix use-after-free issue in ravb_tx_timeout_work()\n\nThe ravb_stop() should call cancel_work_sync(). Otherwise,\nravb_tx_timeout_work() is possible to use the freed priv after\nravb_remove() was called like below:\n\nCPU0\t\t\tCPU1\n\t\t\travb_tx_timeout()\nravb_remove()\nunregister_netdev()\nfree_netdev(ndev)\n// free priv\n\t\t\travb_tx_timeout_work()\n\t\t\t// use priv\n\nunregister_netdev() will call .ndo_stop() so that ravb_stop() is\ncalled. And, after phy_stop() is called, netif_carrier_off()\nis also called. So that .ndo_tx_timeout() will not be called\nafter phy_stop().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52509",
"url": "https://www.suse.com/security/cve/CVE-2023-52509"
},
{
"category": "external",
"summary": "SUSE Bug 1220836 for CVE-2023-52509",
"url": "https://bugzilla.suse.com/1220836"
},
{
"category": "external",
"summary": "SUSE Bug 1223290 for CVE-2023-52509",
"url": "https://bugzilla.suse.com/1223290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2023-52509"
},
{
"cve": "CVE-2023-52515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srp: Do not call scsi_done() from srp_abort()\n\nAfter scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler\ncallback, it performs one of the following actions:\n* Call scsi_queue_insert().\n* Call scsi_finish_command().\n* Call scsi_eh_scmd_add().\nHence, SCSI abort handlers must not call scsi_done(). Otherwise all\nthe above actions would trigger a use-after-free. Hence remove the\nscsi_done() call from srp_abort(). Keep the srp_free_req() call\nbefore returning SUCCESS because we may not see the command again if\nSUCCESS is returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52515",
"url": "https://www.suse.com/security/cve/CVE-2023-52515"
},
{
"category": "external",
"summary": "SUSE Bug 1221048 for CVE-2023-52515",
"url": "https://bugzilla.suse.com/1221048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52515"
},
{
"cve": "CVE-2023-52524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: llcp: Add lock when modifying device list\n\nThe device list needs its associated lock held when modifying it, or the\nlist could become corrupted, as syzbot discovered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52524",
"url": "https://www.suse.com/security/cve/CVE-2023-52524"
},
{
"category": "external",
"summary": "SUSE Bug 1220927 for CVE-2023-52524",
"url": "https://bugzilla.suse.com/1220927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52524"
},
{
"cve": "CVE-2023-52528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg\n\nsyzbot reported the following uninit-value access issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\nBUG: KMSAN: uninit-value in smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\nCPU: 0 PID: 8696 Comm: kworker/0:3 Not tainted 5.8.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x21c/0x280 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\n smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\n usbnet_probe+0x1152/0x3f90 drivers/net/usb/usbnet.c:1737\n usb_probe_interface+0xece/0x1550 drivers/usb/core/driver.c:374\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_set_configuration+0x380f/0x3f10 drivers/usb/core/message.c:2032\n usb_generic_driver_probe+0x138/0x300 drivers/usb/core/generic.c:241\n usb_probe_device+0x311/0x490 drivers/usb/core/driver.c:272\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_new_device+0x1bd4/0x2a30 drivers/usb/core/hub.c:2554\n hub_port_connect drivers/usb/core/hub.c:5208 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]\n port_event drivers/usb/core/hub.c:5494 [inline]\n hub_event+0x5e7b/0x8a70 drivers/usb/core/hub.c:5576\n process_one_work+0x1688/0x2140 kernel/workqueue.c:2269\n worker_thread+0x10bc/0x2730 kernel/workqueue.c:2415\n kthread+0x551/0x590 kernel/kthread.c:292\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293\n\nLocal variable ----buf.i87@smsc75xx_bind created at:\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n\nThis issue is caused because usbnet_read_cmd() reads less bytes than requested\n(zero byte in the reproducer). In this case, \u0027buf\u0027 is not properly filled.\n\nThis patch fixes the issue by returning -ENODATA if usbnet_read_cmd() reads\nless bytes than requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52528",
"url": "https://www.suse.com/security/cve/CVE-2023-52528"
},
{
"category": "external",
"summary": "SUSE Bug 1220843 for CVE-2023-52528",
"url": "https://bugzilla.suse.com/1220843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52528"
},
{
"cve": "CVE-2023-52575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52575"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52575",
"url": "https://www.suse.com/security/cve/CVE-2023-52575"
},
{
"category": "external",
"summary": "SUSE Bug 1220871 for CVE-2023-52575",
"url": "https://bugzilla.suse.com/1220871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52575"
},
{
"cve": "CVE-2023-52583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix deadlock or deadcode of misusing dget()\n\nThe lock order is incorrect between denty and its parent, we should\nalways make sure that the parent get the lock first.\n\nBut since this deadcode is never used and the parent dir will always\nbe set from the callers, let\u0027s just remove it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52583",
"url": "https://www.suse.com/security/cve/CVE-2023-52583"
},
{
"category": "external",
"summary": "SUSE Bug 1221058 for CVE-2023-52583",
"url": "https://bugzilla.suse.com/1221058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52583"
},
{
"cve": "CVE-2023-52587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/ipoib: Fix mcast list locking\n\nReleasing the `priv-\u003elock` while iterating the `priv-\u003emulticast_list` in\n`ipoib_mcast_join_task()` opens a window for `ipoib_mcast_dev_flush()` to\nremove the items while in the middle of iteration. If the mcast is removed\nwhile the lock was dropped, the for loop spins forever resulting in a hard\nlockup (as was reported on RHEL 4.18.0-372.75.1.el8_6 kernel):\n\n Task A (kworker/u72:2 below) | Task B (kworker/u72:0 below)\n -----------------------------------+-----------------------------------\n ipoib_mcast_join_task(work) | ipoib_ib_dev_flush_light(work)\n spin_lock_irq(\u0026priv-\u003elock) | __ipoib_ib_dev_flush(priv, ...)\n list_for_each_entry(mcast, | ipoib_mcast_dev_flush(dev = priv-\u003edev)\n \u0026priv-\u003emulticast_list, list) |\n ipoib_mcast_join(dev, mcast) |\n spin_unlock_irq(\u0026priv-\u003elock) |\n | spin_lock_irqsave(\u0026priv-\u003elock, flags)\n | list_for_each_entry_safe(mcast, tmcast,\n | \u0026priv-\u003emulticast_list, list)\n | list_del(\u0026mcast-\u003elist);\n | list_add_tail(\u0026mcast-\u003elist, \u0026remove_list)\n | spin_unlock_irqrestore(\u0026priv-\u003elock, flags)\n spin_lock_irq(\u0026priv-\u003elock) |\n | ipoib_mcast_remove_list(\u0026remove_list)\n (Here, `mcast` is no longer on the | list_for_each_entry_safe(mcast, tmcast,\n `priv-\u003emulticast_list` and we keep | remove_list, list)\n spinning on the `remove_list` of | \u003e\u003e\u003e wait_for_completion(\u0026mcast-\u003edone)\n the other thread which is blocked |\n and the list is still valid on |\n it\u0027s stack.)\n\nFix this by keeping the lock held and changing to GFP_ATOMIC to prevent\neventual sleeps.\nUnfortunately we could not reproduce the lockup and confirm this fix but\nbased on the code review I think this fix should address such lockups.\n\ncrash\u003e bc 31\nPID: 747 TASK: ff1c6a1a007e8000 CPU: 31 COMMAND: \"kworker/u72:2\"\n--\n [exception RIP: ipoib_mcast_join_task+0x1b1]\n RIP: ffffffffc0944ac1 RSP: ff646f199a8c7e00 RFLAGS: 00000002\n RAX: 0000000000000000 RBX: ff1c6a1a04dc82f8 RCX: 0000000000000000\n work (\u0026priv-\u003emcast_task{,.work})\n RDX: ff1c6a192d60ac68 RSI: 0000000000000286 RDI: ff1c6a1a04dc8000\n \u0026mcast-\u003elist\n RBP: ff646f199a8c7e90 R8: ff1c699980019420 R9: ff1c6a1920c9a000\n R10: ff646f199a8c7e00 R11: ff1c6a191a7d9800 R12: ff1c6a192d60ac00\n mcast\n R13: ff1c6a1d82200000 R14: ff1c6a1a04dc8000 R15: ff1c6a1a04dc82d8\n dev priv (\u0026priv-\u003elock) \u0026priv-\u003emulticast_list (aka head)\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n--- \u003cNMI exception stack\u003e ---\n #5 [ff646f199a8c7e00] ipoib_mcast_join_task+0x1b1 at ffffffffc0944ac1 [ib_ipoib]\n #6 [ff646f199a8c7e98] process_one_work+0x1a7 at ffffffff9bf10967\n\ncrash\u003e rx ff646f199a8c7e68\nff646f199a8c7e68: ff1c6a1a04dc82f8 \u003c\u003c\u003c work = \u0026priv-\u003emcast_task.work\n\ncrash\u003e list -hO ipoib_dev_priv.multicast_list ff1c6a1a04dc8000\n(empty)\n\ncrash\u003e ipoib_dev_priv.mcast_task.work.func,mcast_mutex.owner.counter ff1c6a1a04dc8000\n mcast_task.work.func = 0xffffffffc0944910 \u003cipoib_mcast_join_task\u003e,\n mcast_mutex.owner.counter = 0xff1c69998efec000\n\ncrash\u003e b 8\nPID: 8 TASK: ff1c69998efec000 CPU: 33 COMMAND: \"kworker/u72:0\"\n--\n #3 [ff646f1980153d50] wait_for_completion+0x96 at ffffffff9c7d7646\n #4 [ff646f1980153d90] ipoib_mcast_remove_list+0x56 at ffffffffc0944dc6 [ib_ipoib]\n #5 [ff646f1980153de8] ipoib_mcast_dev_flush+0x1a7 at ffffffffc09455a7 [ib_ipoib]\n #6 [ff646f1980153e58] __ipoib_ib_dev_flush+0x1a4 at ffffffffc09431a4 [ib_ipoib]\n #7 [ff\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52587",
"url": "https://www.suse.com/security/cve/CVE-2023-52587"
},
{
"category": "external",
"summary": "SUSE Bug 1221082 for CVE-2023-52587",
"url": "https://bugzilla.suse.com/1221082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52587"
},
{
"cve": "CVE-2023-52590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change ocfs2 rename code to avoid touching renamed directory if\nits parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52590",
"url": "https://www.suse.com/security/cve/CVE-2023-52590"
},
{
"category": "external",
"summary": "SUSE Bug 1221088 for CVE-2023-52590",
"url": "https://bugzilla.suse.com/1221088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52590"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rt2x00: restart beacon queue when hardware reset\n\nWhen a hardware reset is triggered, all registers are reset, so all\nqueues are forced to stop in hardware interface. However, mac80211\nwill not automatically stop the queue. If we don\u0027t manually stop the\nbeacon queue, the queue will be deadlocked and unable to start again.\nThis patch fixes the issue where Apple devices cannot connect to the\nAP after calling ieee80211_restart_hw().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52595",
"url": "https://www.suse.com/security/cve/CVE-2023-52595"
},
{
"category": "external",
"summary": "SUSE Bug 1221046 for CVE-2023-52595",
"url": "https://bugzilla.suse.com/1221046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52595"
},
{
"cve": "CVE-2023-52598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ptrace: handle setting of fpc register correctly\n\nIf the content of the floating point control (fpc) register of a traced\nprocess is modified with the ptrace interface the new value is tested for\nvalidity by temporarily loading it into the fpc register.\n\nThis may lead to corruption of the fpc register of the tracing process:\nif an interrupt happens while the value is temporarily loaded into the\nfpc register, and within interrupt context floating point or vector\nregisters are used, the current fp/vx registers are saved with\nsave_fpu_regs() assuming they belong to user space and will be loaded into\nfp/vx registers when returning to user space.\n\ntest_fp_ctl() restores the original user space fpc register value, however\nit will be discarded, when returning to user space.\n\nIn result the tracer will incorrectly continue to run with the value that\nwas supposed to be used for the traced process.\n\nFix this by saving fpu register contents with save_fpu_regs() before using\ntest_fp_ctl().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52598",
"url": "https://www.suse.com/security/cve/CVE-2023-52598"
},
{
"category": "external",
"summary": "SUSE Bug 1221060 for CVE-2023-52598",
"url": "https://bugzilla.suse.com/1221060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52598"
},
{
"cve": "CVE-2023-52607",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52607"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/mm: Fix null-pointer dereference in pgtable_cache_add\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52607",
"url": "https://www.suse.com/security/cve/CVE-2023-52607"
},
{
"category": "external",
"summary": "SUSE Bug 1221061 for CVE-2023-52607",
"url": "https://bugzilla.suse.com/1221061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52607"
},
{
"cve": "CVE-2023-52614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don\u0027t have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52614",
"url": "https://www.suse.com/security/cve/CVE-2023-52614"
},
{
"category": "external",
"summary": "SUSE Bug 1221617 for CVE-2023-52614",
"url": "https://bugzilla.suse.com/1221617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52614"
},
{
"cve": "CVE-2023-52620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52620"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow timeout for anonymous sets\n\nNever used from userspace, disallow these parameters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52620",
"url": "https://www.suse.com/security/cve/CVE-2023-52620"
},
{
"category": "external",
"summary": "SUSE Bug 1221825 for CVE-2023-52620",
"url": "https://bugzilla.suse.com/1221825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52620"
},
{
"cve": "CVE-2023-52628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52628"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nftables: exthdr: fix 4-byte stack OOB write\n\nIf priv-\u003elen is a multiple of 4, then dst[len / 4] can write past\nthe destination array which leads to stack corruption.\n\nThis construct is necessary to clean the remainder of the register\nin case -\u003elen is NOT a multiple of the register size, so make it\nconditional just like nft_payload.c does.\n\nThe bug was added in 4.1 cycle and then copied/inherited when\ntcp/sctp and ip option support was added.\n\nBug reported by Zero Day Initiative project (ZDI-CAN-21950,\nZDI-CAN-21951, ZDI-CAN-21961).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52628",
"url": "https://www.suse.com/security/cve/CVE-2023-52628"
},
{
"category": "external",
"summary": "SUSE Bug 1222117 for CVE-2023-52628",
"url": "https://bugzilla.suse.com/1222117"
},
{
"category": "external",
"summary": "SUSE Bug 1222118 for CVE-2023-52628",
"url": "https://bugzilla.suse.com/1222118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2023-52628"
},
{
"cve": "CVE-2023-52635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Synchronize devfreq_monitor_[start/stop]\n\nThere is a chance if a frequent switch of the governor\ndone in a loop result in timer list corruption where\ntimer cancel being done from two place one from\ncancel_delayed_work_sync() and followed by expire_timers()\ncan be seen from the traces[1].\n\nwhile true\ndo\n echo \"simple_ondemand\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\n echo \"performance\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\ndone\n\nIt looks to be issue with devfreq driver where\ndevice_monitor_[start/stop] need to synchronized so that\ndelayed work should get corrupted while it is either\nbeing queued or running or being cancelled.\n\nLet\u0027s use polling flag and devfreq lock to synchronize the\nqueueing the timer instance twice and work data being\ncorrupted.\n\n[1]\n...\n..\n\u003cidle\u003e-0 [003] 9436.209662: timer_cancel timer=0xffffff80444f0428\n\u003cidle\u003e-0 [003] 9436.209664: timer_expire_entry timer=0xffffff80444f0428 now=0x10022da1c function=__typeid__ZTSFvP10timer_listE_global_addr baseclk=0x10022da1c\n\u003cidle\u003e-0 [003] 9436.209718: timer_expire_exit timer=0xffffff80444f0428\nkworker/u16:6-14217 [003] 9436.209863: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2b now=0x10022da1c flags=182452227\nvendor.xxxyyy.ha-1593 [004] 9436.209888: timer_cancel timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216390: timer_init timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216392: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2c now=0x10022da1d flags=186646532\nvendor.xxxyyy.ha-1593 [005] 9436.220992: timer_cancel timer=0xffffff80444f0428\nxxxyyyTraceManag-7795 [004] 9436.261641: timer_cancel timer=0xffffff80444f0428\n\n[2]\n\n 9436.261653][ C4] Unable to handle kernel paging request at virtual address dead00000000012a\n[ 9436.261664][ C4] Mem abort info:\n[ 9436.261666][ C4] ESR = 0x96000044\n[ 9436.261669][ C4] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 9436.261671][ C4] SET = 0, FnV = 0\n[ 9436.261673][ C4] EA = 0, S1PTW = 0\n[ 9436.261675][ C4] Data abort info:\n[ 9436.261677][ C4] ISV = 0, ISS = 0x00000044\n[ 9436.261680][ C4] CM = 0, WnR = 1\n[ 9436.261682][ C4] [dead00000000012a] address between user and kernel address ranges\n[ 9436.261685][ C4] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 9436.261701][ C4] Skip md ftrace buffer dump for: 0x3a982d0\n...\n\n[ 9436.262138][ C4] CPU: 4 PID: 7795 Comm: TraceManag Tainted: G S W O 5.10.149-android12-9-o-g17f915d29d0c #1\n[ 9436.262141][ C4] Hardware name: Qualcomm Technologies, Inc. (DT)\n[ 9436.262144][ C4] pstate: 22400085 (nzCv daIf +PAN -UAO +TCO BTYPE=--)\n[ 9436.262161][ C4] pc : expire_timers+0x9c/0x438\n[ 9436.262164][ C4] lr : expire_timers+0x2a4/0x438\n[ 9436.262168][ C4] sp : ffffffc010023dd0\n[ 9436.262171][ C4] x29: ffffffc010023df0 x28: ffffffd0636fdc18\n[ 9436.262178][ C4] x27: ffffffd063569dd0 x26: ffffffd063536008\n[ 9436.262182][ C4] x25: 0000000000000001 x24: ffffff88f7c69280\n[ 9436.262185][ C4] x23: 00000000000000e0 x22: dead000000000122\n[ 9436.262188][ C4] x21: 000000010022da29 x20: ffffff8af72b4e80\n[ 9436.262191][ C4] x19: ffffffc010023e50 x18: ffffffc010025038\n[ 9436.262195][ C4] x17: 0000000000000240 x16: 0000000000000201\n[ 9436.262199][ C4] x15: ffffffffffffffff x14: ffffff889f3c3100\n[ 9436.262203][ C4] x13: ffffff889f3c3100 x12: 00000000049f56b8\n[ 9436.262207][ C4] x11: 00000000049f56b8 x10: 00000000ffffffff\n[ 9436.262212][ C4] x9 : ffffffc010023e50 x8 : dead000000000122\n[ 9436.262216][ C4] x7 : ffffffffffffffff x6 : ffffffc0100239d8\n[ 9436.262220][ C4] x5 : 0000000000000000 x4 : 0000000000000101\n[ 9436.262223][ C4] x3 : 0000000000000080 x2 : ffffff8\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52635",
"url": "https://www.suse.com/security/cve/CVE-2023-52635"
},
{
"category": "external",
"summary": "SUSE Bug 1222294 for CVE-2023-52635",
"url": "https://bugzilla.suse.com/1222294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52635"
},
{
"cve": "CVE-2023-52639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: vsie: fix race during shadow creation\n\nRight now it is possible to see gmap-\u003eprivate being zero in\nkvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the\nfact that we add gmap-\u003eprivate == kvm after creation:\n\nstatic int acquire_gmap_shadow(struct kvm_vcpu *vcpu,\n struct vsie_page *vsie_page)\n{\n[...]\n gmap = gmap_shadow(vcpu-\u003earch.gmap, asce, edat);\n if (IS_ERR(gmap))\n return PTR_ERR(gmap);\n gmap-\u003eprivate = vcpu-\u003ekvm;\n\nLet children inherit the private field of the parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52639",
"url": "https://www.suse.com/security/cve/CVE-2023-52639"
},
{
"category": "external",
"summary": "SUSE Bug 1222300 for CVE-2023-52639",
"url": "https://bugzilla.suse.com/1222300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52639"
},
{
"cve": "CVE-2023-52644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled\n\nWhen QoS is disabled, the queue priority value will not map to the correct\nieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS\nis disabled to prevent trying to stop/wake a non-existent queue and failing\nto stop/wake the actual queue instantiated.\n\nLog of issue before change (with kernel parameter qos=0):\n [ +5.112651] ------------[ cut here ]------------\n [ +0.000005] WARNING: CPU: 7 PID: 25513 at net/mac80211/util.c:449 __ieee80211_wake_queue+0xd5/0x180 [mac80211]\n [ +0.000067] Modules linked in: b43(O) snd_seq_dummy snd_hrtimer snd_seq snd_seq_device nft_chain_nat xt_MASQUERADE nf_nat xfrm_user xfrm_algo xt_addrtype overlay ccm af_packet amdgpu snd_hda_codec_cirrus snd_hda_codec_generic ledtrig_audio drm_exec amdxcp gpu_sched xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip6t_rpfilter ipt_rpfilter xt_pkttype xt_LOG nf_log_syslog xt_tcpudp nft_compat nf_tables nfnetlink sch_fq_codel btusb uinput iTCO_wdt ctr btrtl intel_pmc_bxt i915 intel_rapl_msr mei_hdcp mei_pxp joydev at24 watchdog btintel atkbd libps2 serio radeon btbcm vivaldi_fmap btmtk intel_rapl_common snd_hda_codec_hdmi bluetooth uvcvideo nls_iso8859_1 applesmc nls_cp437 x86_pkg_temp_thermal snd_hda_intel intel_powerclamp vfat videobuf2_vmalloc coretemp fat snd_intel_dspcfg crc32_pclmul uvc polyval_clmulni snd_intel_sdw_acpi loop videobuf2_memops snd_hda_codec tun drm_suballoc_helper polyval_generic drm_ttm_helper drm_buddy tap ecdh_generic videobuf2_v4l2 gf128mul macvlan ttm ghash_clmulni_intel ecc tg3\n [ +0.000044] videodev bridge snd_hda_core rapl crc16 drm_display_helper cec mousedev snd_hwdep evdev intel_cstate bcm5974 hid_appleir videobuf2_common stp mac_hid libphy snd_pcm drm_kms_helper acpi_als mei_me intel_uncore llc mc snd_timer intel_gtt industrialio_triggered_buffer apple_mfi_fastcharge i2c_i801 mei snd lpc_ich agpgart ptp i2c_smbus thunderbolt apple_gmux i2c_algo_bit kfifo_buf video industrialio soundcore pps_core wmi tiny_power_button sbs sbshc button ac cordic bcma mac80211 cfg80211 ssb rfkill libarc4 kvm_intel kvm drm irqbypass fuse backlight firmware_class efi_pstore configfs efivarfs dmi_sysfs ip_tables x_tables autofs4 dm_crypt cbc encrypted_keys trusted asn1_encoder tee tpm rng_core input_leds hid_apple led_class hid_generic usbhid hid sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif crct10dif_generic ahci libahci libata uhci_hcd ehci_pci ehci_hcd crct10dif_pclmul crct10dif_common sha512_ssse3 sha512_generic sha256_ssse3 sha1_ssse3 aesni_intel usbcore scsi_mod libaes crypto_simd cryptd scsi_common\n [ +0.000055] usb_common rtc_cmos btrfs blake2b_generic libcrc32c crc32c_generic crc32c_intel xor raid6_pq dm_snapshot dm_bufio dm_mod dax [last unloaded: b43(O)]\n [ +0.000009] CPU: 7 PID: 25513 Comm: irq/17-b43 Tainted: G W O 6.6.7 #1-NixOS\n [ +0.000003] Hardware name: Apple Inc. MacBookPro8,3/Mac-942459F5819B171B, BIOS 87.0.0.0.0 06/13/2019\n [ +0.000001] RIP: 0010:__ieee80211_wake_queue+0xd5/0x180 [mac80211]\n [ +0.000046] Code: 00 45 85 e4 0f 85 9b 00 00 00 48 8d bd 40 09 00 00 f0 48 0f ba ad 48 09 00 00 00 72 0f 5b 5d 41 5c 41 5d 41 5e e9 cb 6d 3c d0 \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e c3 cc cc cc cc 48 8d b4 16 94 00 00\n [ +0.000002] RSP: 0018:ffffc90003c77d60 EFLAGS: 00010097\n [ +0.000001] RAX: 0000000000000001 RBX: 0000000000000002 RCX: 0000000000000000\n [ +0.000001] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff88820b924900\n [ +0.000002] RBP: ffff88820b924900 R08: ffffc90003c77d90 R09: 000000000003bfd0\n [ +0.000001] R10: ffff88820b924900 R11: ffffc90003c77c68 R12: 0000000000000000\n [ +0.000001] R13: 0000000000000000 R14: ffffc90003c77d90 R15: ffffffffc0fa6f40\n [ +0.000001] FS: 0000000000000000(0000) GS:ffff88846fb80000(0000) knlGS:0000000000000000\n [ +0.000001] CS: 0010 DS: 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52644",
"url": "https://www.suse.com/security/cve/CVE-2023-52644"
},
{
"category": "external",
"summary": "SUSE Bug 1222961 for CVE-2023-52644",
"url": "https://bugzilla.suse.com/1222961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52644"
},
{
"cve": "CVE-2023-52646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix mremap after fork null-deref\n\nCommit e4a0d3e720e7 (\"aio: Make it possible to remap aio ring\") introduced\na null-deref if mremap is called on an old aio mapping after fork as\nmm-\u003eioctx_table will be set to NULL.\n\n[jmoyer@redhat.com: fix 80 column issue]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52646",
"url": "https://www.suse.com/security/cve/CVE-2023-52646"
},
{
"category": "external",
"summary": "SUSE Bug 1223432 for CVE-2023-52646",
"url": "https://bugzilla.suse.com/1223432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: dsi: Add missing check for of_find_device_by_node\n\nAdd check for the return value of of_find_device_by_node() and return\nthe error if it fails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52650",
"url": "https://www.suse.com/security/cve/CVE-2023-52650"
},
{
"category": "external",
"summary": "SUSE Bug 1223770 for CVE-2023-52650",
"url": "https://bugzilla.suse.com/1223770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52650"
},
{
"cve": "CVE-2023-52652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNTB: fix possible name leak in ntb_register_device()\n\nIf device_register() fails in ntb_register_device(), the device name\nallocated by dev_set_name() should be freed. As per the comment in\ndevice_register(), callers should use put_device() to give up the\nreference in the error path. So fix this by calling put_device() in the\nerror path so that the name can be freed in kobject_cleanup().\n\nAs a result of this, put_device() in the error path of\nntb_register_device() is removed and the actual error is returned.\n\n[mani: reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52652",
"url": "https://www.suse.com/security/cve/CVE-2023-52652"
},
{
"category": "external",
"summary": "SUSE Bug 1223686 for CVE-2023-52652",
"url": "https://bugzilla.suse.com/1223686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52652"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-6270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6270"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6270",
"url": "https://www.suse.com/security/cve/CVE-2023-6270"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1218813 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218813"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-6270"
},
{
"cve": "CVE-2023-6356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6356"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6356",
"url": "https://www.suse.com/security/cve/CVE-2023-6356"
},
{
"category": "external",
"summary": "SUSE Bug 1217987 for CVE-2023-6356",
"url": "https://bugzilla.suse.com/1217987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-6356"
},
{
"cve": "CVE-2023-6535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6535"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6535",
"url": "https://www.suse.com/security/cve/CVE-2023-6535"
},
{
"category": "external",
"summary": "SUSE Bug 1217988 for CVE-2023-6535",
"url": "https://bugzilla.suse.com/1217988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-6535"
},
{
"cve": "CVE-2023-6536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6536"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6536",
"url": "https://www.suse.com/security/cve/CVE-2023-6536"
},
{
"category": "external",
"summary": "SUSE Bug 1217989 for CVE-2023-6536",
"url": "https://bugzilla.suse.com/1217989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-6536"
},
{
"cve": "CVE-2023-7042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7042"
}
],
"notes": [
{
"category": "general",
"text": "A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7042",
"url": "https://www.suse.com/security/cve/CVE-2023-7042"
},
{
"category": "external",
"summary": "SUSE Bug 1218336 for CVE-2023-7042",
"url": "https://bugzilla.suse.com/1218336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-7042"
},
{
"cve": "CVE-2023-7192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7192"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7192",
"url": "https://www.suse.com/security/cve/CVE-2023-7192"
},
{
"category": "external",
"summary": "SUSE Bug 1218479 for CVE-2023-7192",
"url": "https://bugzilla.suse.com/1218479"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-7192",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-7192"
},
{
"cve": "CVE-2024-0639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0639"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u0027s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0639",
"url": "https://www.suse.com/security/cve/CVE-2024-0639"
},
{
"category": "external",
"summary": "SUSE Bug 1218917 for CVE-2024-0639",
"url": "https://bugzilla.suse.com/1218917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-2201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2201"
}
],
"notes": [
{
"category": "general",
"text": "A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2201",
"url": "https://www.suse.com/security/cve/CVE-2024-2201"
},
{
"category": "external",
"summary": "SUSE Bug 1212111 for CVE-2024-2201",
"url": "https://bugzilla.suse.com/1212111"
},
{
"category": "external",
"summary": "SUSE Bug 1217339 for CVE-2024-2201",
"url": "https://bugzilla.suse.com/1217339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-2201"
},
{
"cve": "CVE-2024-22099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-22099"
}
],
"notes": [
{
"category": "general",
"text": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-22099",
"url": "https://www.suse.com/security/cve/CVE-2024-22099"
},
{
"category": "external",
"summary": "SUSE Bug 1219170 for CVE-2024-22099",
"url": "https://bugzilla.suse.com/1219170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-22099"
},
{
"cve": "CVE-2024-23307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23307"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23307",
"url": "https://www.suse.com/security/cve/CVE-2024-23307"
},
{
"category": "external",
"summary": "SUSE Bug 1219169 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "external",
"summary": "SUSE Bug 1220145 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1220145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-23848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23848",
"url": "https://www.suse.com/security/cve/CVE-2024-23848"
},
{
"category": "external",
"summary": "SUSE Bug 1219104 for CVE-2024-23848",
"url": "https://bugzilla.suse.com/1219104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-23848"
},
{
"cve": "CVE-2024-24855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24855"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24855",
"url": "https://www.suse.com/security/cve/CVE-2024-24855"
},
{
"category": "external",
"summary": "SUSE Bug 1219618 for CVE-2024-24855",
"url": "https://bugzilla.suse.com/1219618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-24855"
},
{
"cve": "CVE-2024-24861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24861"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24861",
"url": "https://www.suse.com/security/cve/CVE-2024-24861"
},
{
"category": "external",
"summary": "SUSE Bug 1219623 for CVE-2024-24861",
"url": "https://bugzilla.suse.com/1219623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-24861"
},
{
"cve": "CVE-2024-26614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: make sure init the accept_queue\u0027s spinlocks once\n\nWhen I run syz\u0027s reproduction C program locally, it causes the following\nissue:\npvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!\nWARNING: CPU: 19 PID: 21160 at __pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nRIP: 0010:__pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nCode: 73 56 3a ff 90 c3 cc cc cc cc 8b 05 bb 1f 48 01 85 c0 74 05 c3 cc cc cc cc 8b 17 48 89 fe 48 c7 c7\n30 20 ce 8f e8 ad 56 42 ff \u003c0f\u003e 0b c3 cc cc cc cc 0f 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffa8d200604cb8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff9d1ef60e0908\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9d1ef60e0900\nRBP: ffff9d181cd5c280 R08: 0000000000000000 R09: 00000000ffff7fff\nR10: ffffa8d200604b68 R11: ffffffff907dcdc8 R12: 0000000000000000\nR13: ffff9d181cd5c660 R14: ffff9d1813a3f330 R15: 0000000000001000\nFS: 00007fa110184640(0000) GS:ffff9d1ef60c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000000 CR3: 000000011f65e000 CR4: 00000000000006f0\nCall Trace:\n\u003cIRQ\u003e\n _raw_spin_unlock (kernel/locking/spinlock.c:186)\n inet_csk_reqsk_queue_add (net/ipv4/inet_connection_sock.c:1321)\n inet_csk_complete_hashdance (net/ipv4/inet_connection_sock.c:1358)\n tcp_check_req (net/ipv4/tcp_minisocks.c:868)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2260)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205)\n ip_local_deliver_finish (net/ipv4/ip_input.c:234)\n __netif_receive_skb_one_core (net/core/dev.c:5529)\n process_backlog (./include/linux/rcupdate.h:779)\n __napi_poll (net/core/dev.c:6533)\n net_rx_action (net/core/dev.c:6604)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27)\n do_softirq (kernel/softirq.c:454 kernel/softirq.c:441)\n\u003c/IRQ\u003e\n\u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4374)\n ip_finish_output2 (./include/net/neighbour.h:540 net/ipv4/ip_output.c:235)\n __ip_queue_xmit (net/ipv4/ip_output.c:535)\n __tcp_transmit_skb (net/ipv4/tcp_output.c:1462)\n tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6469)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6657)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929)\n __release_sock (./include/net/sock.h:1121 net/core/sock.c:2968)\n release_sock (net/core/sock.c:3536)\n inet_wait_for_connect (net/ipv4/af_inet.c:609)\n __inet_stream_connect (net/ipv4/af_inet.c:702)\n inet_stream_connect (net/ipv4/af_inet.c:748)\n __sys_connect (./include/linux/file.h:45 net/socket.c:2064)\n __x64_sys_connect (net/socket.c:2073 net/socket.c:2070 net/socket.c:2070)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n RIP: 0033:0x7fa10ff05a3d\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89\n c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ab a3 0e 00 f7 d8 64 89 01 48\n RSP: 002b:00007fa110183de8 EFLAGS: 00000202 ORIG_RAX: 000000000000002a\n RAX: ffffffffffffffda RBX: 0000000020000054 RCX: 00007fa10ff05a3d\n RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\n RBP: 00007fa110183e20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fa110184640\n R13: 0000000000000000 R14: 00007fa10fe8b060 R15: 00007fff73e23b20\n\u003c/TASK\u003e\n\nThe issue triggering process is analyzed as follows:\nThread A Thread B\ntcp_v4_rcv\t//receive ack TCP packet inet_shutdown\n tcp_check_req tcp_disconnect //disconnect sock\n ... tcp_set_state(sk, TCP_CLOSE)\n inet_csk_complete_hashdance ...\n inet_csk_reqsk_queue_add \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26614",
"url": "https://www.suse.com/security/cve/CVE-2024-26614"
},
{
"category": "external",
"summary": "SUSE Bug 1221293 for CVE-2024-26614",
"url": "https://bugzilla.suse.com/1221293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26614"
},
{
"cve": "CVE-2024-26642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26642"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26642",
"url": "https://www.suse.com/security/cve/CVE-2024-26642"
},
{
"category": "external",
"summary": "SUSE Bug 1221830 for CVE-2024-26642",
"url": "https://bugzilla.suse.com/1221830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26642"
},
{
"cve": "CVE-2024-26651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsr9800: Add check for usbnet_get_endpoints\n\nAdd check for usbnet_get_endpoints() and return the error if it fails\nin order to transfer the error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26651",
"url": "https://www.suse.com/security/cve/CVE-2024-26651"
},
{
"category": "external",
"summary": "SUSE Bug 1221337 for CVE-2024-26651",
"url": "https://bugzilla.suse.com/1221337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26651"
},
{
"cve": "CVE-2024-26671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26671",
"url": "https://www.suse.com/security/cve/CVE-2024-26671"
},
{
"category": "external",
"summary": "SUSE Bug 1222357 for CVE-2024-26671",
"url": "https://bugzilla.suse.com/1222357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26671"
},
{
"cve": "CVE-2024-26675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp_async: limit MRU to 64K\n\nsyzbot triggered a warning [1] in __alloc_pages():\n\nWARN_ON_ONCE_GFP(order \u003e MAX_PAGE_ORDER, gfp)\n\nWillem fixed a similar issue in commit c0a2a1b0d631 (\"ppp: limit MRU to 64K\")\n\nAdopt the same sanity check for ppp_async_ioctl(PPPIOCSMRU)\n\n[1]:\n\n WARNING: CPU: 1 PID: 11 at mm/page_alloc.c:4543 __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\nModules linked in:\nCPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted 6.8.0-rc2-syzkaller-g41bccc98fb79 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: events_unbound flush_to_ldisc\npstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n lr : __alloc_pages+0xc8/0x698 mm/page_alloc.c:4537\nsp : ffff800093967580\nx29: ffff800093967660 x28: ffff8000939675a0 x27: dfff800000000000\nx26: ffff70001272ceb4 x25: 0000000000000000 x24: ffff8000939675c0\nx23: 0000000000000000 x22: 0000000000060820 x21: 1ffff0001272ceb8\nx20: ffff8000939675e0 x19: 0000000000000010 x18: ffff800093967120\nx17: ffff800083bded5c x16: ffff80008ac97500 x15: 0000000000000005\nx14: 1ffff0001272cebc x13: 0000000000000000 x12: 0000000000000000\nx11: ffff70001272cec1 x10: 1ffff0001272cec0 x9 : 0000000000000001\nx8 : ffff800091c91000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 00000000ffffffff x4 : 0000000000000000 x3 : 0000000000000020\nx2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff8000939675e0\nCall trace:\n __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n __kmalloc_large_node+0xbc/0x1fc mm/slub.c:3926\n __do_kmalloc_node mm/slub.c:3969 [inline]\n __kmalloc_node_track_caller+0x418/0x620 mm/slub.c:4001\n kmalloc_reserve+0x17c/0x23c net/core/skbuff.c:590\n __alloc_skb+0x1c8/0x3d8 net/core/skbuff.c:651\n __netdev_alloc_skb+0xb8/0x3e8 net/core/skbuff.c:715\n netdev_alloc_skb include/linux/skbuff.h:3235 [inline]\n dev_alloc_skb include/linux/skbuff.h:3248 [inline]\n ppp_async_input drivers/net/ppp/ppp_async.c:863 [inline]\n ppp_asynctty_receive+0x588/0x186c drivers/net/ppp/ppp_async.c:341\n tty_ldisc_receive_buf+0x12c/0x15c drivers/tty/tty_buffer.c:390\n tty_port_default_receive_buf+0x74/0xac drivers/tty/tty_port.c:37\n receive_buf drivers/tty/tty_buffer.c:444 [inline]\n flush_to_ldisc+0x284/0x6e4 drivers/tty/tty_buffer.c:494\n process_one_work+0x694/0x1204 kernel/workqueue.c:2633\n process_scheduled_works kernel/workqueue.c:2706 [inline]\n worker_thread+0x938/0xef4 kernel/workqueue.c:2787\n kthread+0x288/0x310 kernel/kthread.c:388\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26675",
"url": "https://www.suse.com/security/cve/CVE-2024-26675"
},
{
"category": "external",
"summary": "SUSE Bug 1222379 for CVE-2024-26675",
"url": "https://bugzilla.suse.com/1222379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26675"
},
{
"cve": "CVE-2024-26689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: prevent use-after-free in encode_cap_msg()\n\nIn fs/ceph/caps.c, in encode_cap_msg(), \"use after free\" error was\ncaught by KASAN at this line - \u0027ceph_buffer_get(arg-\u003exattr_buf);\u0027. This\nimplies before the refcount could be increment here, it was freed.\n\nIn same file, in \"handle_cap_grant()\" refcount is decremented by this\nline - \u0027ceph_buffer_put(ci-\u003ei_xattrs.blob);\u0027. It appears that a race\noccurred and resource was freed by the latter line before the former\nline could increment it.\n\nencode_cap_msg() is called by __send_cap() and __send_cap() is called by\nceph_check_caps() after calling __prep_cap(). __prep_cap() is where\narg-\u003exattr_buf is assigned to ci-\u003ei_xattrs.blob. This is the spot where\nthe refcount must be increased to prevent \"use after free\" error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26689",
"url": "https://www.suse.com/security/cve/CVE-2024-26689"
},
{
"category": "external",
"summary": "SUSE Bug 1222503 for CVE-2024-26689",
"url": "https://bugzilla.suse.com/1222503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26689"
},
{
"cve": "CVE-2024-26704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double-free of blocks due to wrong extents moved_len\n\nIn ext4_move_extents(), moved_len is only updated when all moves are\nsuccessfully executed, and only discards orig_inode and donor_inode\npreallocations when moved_len is not zero. When the loop fails to exit\nafter successfully moving some extents, moved_len is not updated and\nremains at 0, so it does not discard the preallocations.\n\nIf the moved extents overlap with the preallocated extents, the\noverlapped extents are freed twice in ext4_mb_release_inode_pa() and\next4_process_freed_data() (as described in commit 94d7c16cbbbd (\"ext4:\nFix double-free of blocks with EXT4_IOC_MOVE_EXT\")), and bb_free is\nincremented twice. Hence when trim is executed, a zero-division bug is\ntriggered in mb_update_avg_fragment_size() because bb_free is not zero\nand bb_fragments is zero.\n\nTherefore, update move_len after each extent move to avoid the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26704",
"url": "https://www.suse.com/security/cve/CVE-2024-26704"
},
{
"category": "external",
"summary": "SUSE Bug 1222422 for CVE-2024-26704",
"url": "https://bugzilla.suse.com/1222422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26704"
},
{
"cve": "CVE-2024-26733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: Prevent overflow in arp_req_get().\n\nsyzkaller reported an overflown write in arp_req_get(). [0]\n\nWhen ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour\nentry and copies neigh-\u003eha to struct arpreq.arp_ha.sa_data.\n\nThe arp_ha here is struct sockaddr, not struct sockaddr_storage, so\nthe sa_data buffer is just 14 bytes.\n\nIn the splat below, 2 bytes are overflown to the next int field,\narp_flags. We initialise the field just after the memcpy(), so it\u0027s\nnot a problem.\n\nHowever, when dev-\u003eaddr_len is greater than 22 (e.g. MAX_ADDR_LEN),\narp_netmask is overwritten, which could be set as htonl(0xFFFFFFFFUL)\nin arp_ioctl() before calling arp_req_get().\n\nTo avoid the overflow, let\u0027s limit the max length of memcpy().\n\nNote that commit b5f0de6df6dc (\"net: dev: Convert sa_data to flexible\narray in struct sockaddr\") just silenced syzkaller.\n\n[0]:\nmemcpy: detected field-spanning write (size 16) of single field \"r-\u003earp_ha.sa_data\" at net/ipv4/arp.c:1128 (size 14)\nWARNING: CPU: 0 PID: 144638 at net/ipv4/arp.c:1128 arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nModules linked in:\nCPU: 0 PID: 144638 Comm: syz-executor.4 Not tainted 6.1.74 #31\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014\nRIP: 0010:arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nCode: fd ff ff e8 41 42 de fb b9 0e 00 00 00 4c 89 fe 48 c7 c2 20 6d ab 87 48 c7 c7 80 6d ab 87 c6 05 25 af 72 04 01 e8 5f 8d ad fb \u003c0f\u003e 0b e9 6c fd ff ff e8 13 42 de fb be 03 00 00 00 4c 89 e7 e8 a6\nRSP: 0018:ffffc900050b7998 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88803a815000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff8641a44a RDI: 0000000000000001\nRBP: ffffc900050b7a98 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 203a7970636d656d R12: ffff888039c54000\nR13: 1ffff92000a16f37 R14: ffff88803a815084 R15: 0000000000000010\nFS: 00007f172bf306c0(0000) GS:ffff88805aa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f172b3569f0 CR3: 0000000057f12005 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n arp_ioctl+0x33f/0x4b0 net/ipv4/arp.c:1261\n inet_ioctl+0x314/0x3a0 net/ipv4/af_inet.c:981\n sock_do_ioctl+0xdf/0x260 net/socket.c:1204\n sock_ioctl+0x3ef/0x650 net/socket.c:1321\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18e/0x220 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x64/0xce\nRIP: 0033:0x7f172b262b8d\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f172bf300b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f172b3abf80 RCX: 00007f172b262b8d\nRDX: 0000000020000000 RSI: 0000000000008954 RDI: 0000000000000003\nRBP: 00007f172b2d3493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007f172b3abf80 R15: 00007f172bf10000\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26733",
"url": "https://www.suse.com/security/cve/CVE-2024-26733"
},
{
"category": "external",
"summary": "SUSE Bug 1222585 for CVE-2024-26733",
"url": "https://bugzilla.suse.com/1222585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26733"
},
{
"cve": "CVE-2024-26739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don\u0027t override retval if we already lost the skb\n\nIf we\u0027re redirecting the skb, and haven\u0027t called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26739",
"url": "https://www.suse.com/security/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "SUSE Bug 1222559 for CVE-2024-26739",
"url": "https://bugzilla.suse.com/1222559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/qedr: Fix qedr_create_user_qp error flow\n\nAvoid the following warning by making sure to free the allocated\nresources in case that qedr_init_user_queue() fail.\n\n-----------[ cut here ]-----------\nWARNING: CPU: 0 PID: 143192 at drivers/infiniband/core/rdma_core.c:874 uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nModules linked in: tls target_core_user uio target_core_pscsi target_core_file target_core_iblock ib_srpt ib_srp scsi_transport_srp nfsd nfs_acl rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs 8021q garp mrp stp llc ext4 mbcache jbd2 opa_vnic ib_umad ib_ipoib sunrpc rdma_ucm ib_isert iscsi_target_mod target_core_mod ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm hfi1 intel_rapl_msr intel_rapl_common mgag200 qedr sb_edac drm_shmem_helper rdmavt x86_pkg_temp_thermal drm_kms_helper intel_powerclamp ib_uverbs coretemp i2c_algo_bit kvm_intel dell_wmi_descriptor ipmi_ssif sparse_keymap kvm ib_core rfkill syscopyarea sysfillrect video sysimgblt irqbypass ipmi_si ipmi_devintf fb_sys_fops rapl iTCO_wdt mxm_wmi iTCO_vendor_support intel_cstate pcspkr dcdbas intel_uncore ipmi_msghandler lpc_ich acpi_power_meter mei_me mei fuse drm xfs libcrc32c qede sd_mod ahci libahci t10_pi sg crct10dif_pclmul crc32_pclmul crc32c_intel qed libata tg3\nghash_clmulni_intel megaraid_sas crc8 wmi [last unloaded: ib_srpt]\nCPU: 0 PID: 143192 Comm: fi_rdm_tagged_p Kdump: loaded Not tainted 5.14.0-408.el9.x86_64 #1\nHardware name: Dell Inc. PowerEdge R430/03XKDV, BIOS 2.14.0 01/25/2022\nRIP: 0010:uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nCode: 5d 41 5c 41 5d 41 5e e9 0f 26 1b dd 48 89 df e8 67 6a ff ff 49 8b 86 10 01 00 00 48 85 c0 74 9c 4c 89 e7 e8 83 c0 cb dd eb 92 \u003c0f\u003e 0b eb be 0f 0b be 04 00 00 00 48 89 df e8 8e f5 ff ff e9 6d ff\nRSP: 0018:ffffb7c6cadfbc60 EFLAGS: 00010286\nRAX: ffff8f0889ee3f60 RBX: ffff8f088c1a5200 RCX: 00000000802a0016\nRDX: 00000000802a0017 RSI: 0000000000000001 RDI: ffff8f0880042600\nRBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\nR10: ffff8f11fffd5000 R11: 0000000000039000 R12: ffff8f0d5b36cd80\nR13: ffff8f088c1a5250 R14: ffff8f1206d91000 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff8f11d7c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000147069200e20 CR3: 00000001c7210002 CR4: 00000000001706f0\nCall Trace:\n\u003cTASK\u003e\n? show_trace_log_lvl+0x1c4/0x2df\n? show_trace_log_lvl+0x1c4/0x2df\n? ib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? __warn+0x81/0x110\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? report_bug+0x10a/0x140\n? handle_bug+0x3c/0x70\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n__fput+0x94/0x250\ntask_work_run+0x5c/0x90\ndo_exit+0x270/0x4a0\ndo_group_exit+0x2d/0x90\nget_signal+0x87c/0x8c0\narch_do_signal_or_restart+0x25/0x100\n? ib_uverbs_ioctl+0xc2/0x110 [ib_uverbs]\nexit_to_user_mode_loop+0x9c/0x130\nexit_to_user_mode_prepare+0xb6/0x100\nsyscall_exit_to_user_mode+0x12/0x40\ndo_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\n? common_interrupt+0x43/0xa0\nentry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x1470abe3ec6b\nCode: Unable to access opcode bytes at RIP 0x1470abe3ec41.\nRSP: 002b:00007fff13ce9108 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: fffffffffffffffc RBX: 00007fff13ce9218 RCX: 00001470abe3ec6b\nRDX: 00007fff13ce9200 RSI: 00000000c0181b01 RDI: 0000000000000004\nRBP: 00007fff13ce91e0 R08: 0000558d9655da10 R09: 0000558d9655dd00\nR10: 00007fff13ce95c0 R11: 0000000000000246 R12: 00007fff13ce9358\nR13: 0000000000000013 R14: 0000558d9655db50 R15: 00007fff13ce9470\n\u003c/TASK\u003e\n--[ end trace 888a9b92e04c5c97 ]--",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26743",
"url": "https://www.suse.com/security/cve/CVE-2024-26743"
},
{
"category": "external",
"summary": "SUSE Bug 1222677 for CVE-2024-26743",
"url": "https://bugzilla.suse.com/1222677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26743"
},
{
"cve": "CVE-2024-26744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srpt: Support specifying the srpt_service_guid parameter\n\nMake loading ib_srpt with this parameter set work. The current behavior is\nthat setting that parameter while loading the ib_srpt kernel module\ntriggers the following kernel crash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCall Trace:\n \u003cTASK\u003e\n parse_one+0x18c/0x1d0\n parse_args+0xe1/0x230\n load_module+0x8de/0xa60\n init_module_from_file+0x8b/0xd0\n idempotent_init_module+0x181/0x240\n __x64_sys_finit_module+0x5a/0xb0\n do_syscall_64+0x5f/0xe0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26744",
"url": "https://www.suse.com/security/cve/CVE-2024-26744"
},
{
"category": "external",
"summary": "SUSE Bug 1222449 for CVE-2024-26744",
"url": "https://bugzilla.suse.com/1222449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26744"
},
{
"cve": "CVE-2024-26747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: roles: fix NULL pointer issue when put module\u0027s reference\n\nIn current design, usb role class driver will get usb_role_switch parent\u0027s\nmodule reference after the user get usb_role_switch device and put the\nreference after the user put the usb_role_switch device. However, the\nparent device of usb_role_switch may be removed before the user put the\nusb_role_switch. If so, then, NULL pointer issue will be met when the user\nput the parent module\u0027s reference.\n\nThis will save the module pointer in structure of usb_role_switch. Then,\nwe don\u0027t need to find module by iterating long relations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26747",
"url": "https://www.suse.com/security/cve/CVE-2024-26747"
},
{
"category": "external",
"summary": "SUSE Bug 1222609 for CVE-2024-26747",
"url": "https://bugzilla.suse.com/1222609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26747"
},
{
"cve": "CVE-2024-26754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()\n\nThe gtp_net_ops pernet operations structure for the subsystem must be\nregistered before registering the generic netlink family.\n\nSyzkaller hit \u0027general protection fault in gtp_genl_dump_pdp\u0027 bug:\n\ngeneral protection fault, probably for non-canonical address\n0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\nCPU: 1 PID: 5826 Comm: gtp Not tainted 6.8.0-rc3-std-def-alt1 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\nRIP: 0010:gtp_genl_dump_pdp+0x1be/0x800 [gtp]\nCode: c6 89 c6 e8 64 e9 86 df 58 45 85 f6 0f 85 4e 04 00 00 e8 c5 ee 86\n df 48 8b 54 24 18 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e\n 3c 02 00 0f 85 de 05 00 00 48 8b 44 24 18 4c 8b 30 4c 39 f0 74\nRSP: 0018:ffff888014107220 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff88800fcda588 R14: 0000000000000001 R15: 0000000000000000\nFS: 00007f1be4eb05c0(0000) GS:ffff88806ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1be4e766cf CR3: 000000000c33e000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? show_regs+0x90/0xa0\n ? die_addr+0x50/0xd0\n ? exc_general_protection+0x148/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? gtp_genl_dump_pdp+0x1be/0x800 [gtp]\n ? __alloc_skb+0x1dd/0x350\n ? __pfx___alloc_skb+0x10/0x10\n genl_dumpit+0x11d/0x230\n netlink_dump+0x5b9/0xce0\n ? lockdep_hardirqs_on_prepare+0x253/0x430\n ? __pfx_netlink_dump+0x10/0x10\n ? kasan_save_track+0x10/0x40\n ? __kasan_kmalloc+0x9b/0xa0\n ? genl_start+0x675/0x970\n __netlink_dump_start+0x6fc/0x9f0\n genl_family_rcv_msg_dumpit+0x1bb/0x2d0\n ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10\n ? genl_op_from_small+0x2a/0x440\n ? cap_capable+0x1d0/0x240\n ? __pfx_genl_start+0x10/0x10\n ? __pfx_genl_dumpit+0x10/0x10\n ? __pfx_genl_done+0x10/0x10\n ? security_capable+0x9d/0xe0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26754",
"url": "https://www.suse.com/security/cve/CVE-2024-26754"
},
{
"category": "external",
"summary": "SUSE Bug 1222632 for CVE-2024-26754",
"url": "https://bugzilla.suse.com/1222632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26754"
},
{
"cve": "CVE-2024-26763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-crypt: don\u0027t modify the data when using authenticated encryption\n\nIt was said that authenticated encryption could produce invalid tag when\nthe data that is being encrypted is modified [1]. So, fix this problem by\ncopying the data into the clone bio first and then encrypt them inside the\nclone bio.\n\nThis may reduce performance, but it is needed to prevent the user from\ncorrupting the device by writing data with O_DIRECT and modifying them at\nthe same time.\n\n[1] https://lore.kernel.org/all/20240207004723.GA35324@sol.localdomain/T/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26763",
"url": "https://www.suse.com/security/cve/CVE-2024-26763"
},
{
"category": "external",
"summary": "SUSE Bug 1222720 for CVE-2024-26763",
"url": "https://bugzilla.suse.com/1222720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26763"
},
{
"cve": "CVE-2024-26771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: edma: Add some null pointer checks to the edma_probe\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26771",
"url": "https://www.suse.com/security/cve/CVE-2024-26771"
},
{
"category": "external",
"summary": "SUSE Bug 1222610 for CVE-2024-26771",
"url": "https://bugzilla.suse.com/1222610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26771"
},
{
"cve": "CVE-2024-26772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26772",
"url": "https://www.suse.com/security/cve/CVE-2024-26772"
},
{
"category": "external",
"summary": "SUSE Bug 1222613 for CVE-2024-26772",
"url": "https://bugzilla.suse.com/1222613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26772"
},
{
"cve": "CVE-2024-26773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()\n\nDetermine if the group block bitmap is corrupted before using ac_b_ex in\next4_mb_try_best_found() to avoid allocating blocks from a group with a\ncorrupted block bitmap in the following concurrency and making the\nsituation worse.\n\next4_mb_regular_allocator\n ext4_lock_group(sb, group)\n ext4_mb_good_group\n // check if the group bbitmap is corrupted\n ext4_mb_complex_scan_group\n // Scan group gets ac_b_ex but doesn\u0027t use it\n ext4_unlock_group(sb, group)\n ext4_mark_group_bitmap_corrupted(group)\n // The block bitmap was corrupted during\n // the group unlock gap.\n ext4_mb_try_best_found\n ext4_lock_group(ac-\u003eac_sb, group)\n ext4_mb_use_best_found\n mb_mark_used\n // Allocating blocks in block bitmap corrupted group",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26773",
"url": "https://www.suse.com/security/cve/CVE-2024-26773"
},
{
"category": "external",
"summary": "SUSE Bug 1222618 for CVE-2024-26773",
"url": "https://bugzilla.suse.com/1222618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26773"
},
{
"cve": "CVE-2024-26777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: sis: Error out if pixclock equals zero\n\nThe userspace program could pass any values to the driver through\nioctl() interface. If the driver doesn\u0027t check the value of pixclock,\nit may cause divide-by-zero error.\n\nIn sisfb_check_var(), var-\u003epixclock is used as a divisor to caculate\ndrate before it is checked against zero. Fix this by checking it\nat the beginning.\n\nThis is similar to CVE-2022-3061 in i740fb which was fixed by\ncommit 15cf0b8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26777",
"url": "https://www.suse.com/security/cve/CVE-2024-26777"
},
{
"category": "external",
"summary": "SUSE Bug 1222765 for CVE-2024-26777",
"url": "https://bugzilla.suse.com/1222765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26777"
},
{
"cve": "CVE-2024-26778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26778"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: savage: Error out if pixclock equals zero\n\nThe userspace program could pass any values to the driver through\nioctl() interface. If the driver doesn\u0027t check the value of pixclock,\nit may cause divide-by-zero error.\n\nAlthough pixclock is checked in savagefb_decode_var(), but it is not\nchecked properly in savagefb_probe(). Fix this by checking whether\npixclock is zero in the function savagefb_check_var() before\ninfo-\u003evar.pixclock is used as the divisor.\n\nThis is similar to CVE-2022-3061 in i740fb which was fixed by\ncommit 15cf0b8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26778",
"url": "https://www.suse.com/security/cve/CVE-2024-26778"
},
{
"category": "external",
"summary": "SUSE Bug 1222770 for CVE-2024-26778",
"url": "https://bugzilla.suse.com/1222770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26778"
},
{
"cve": "CVE-2024-26779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix race condition on enabling fast-xmit\n\nfast-xmit must only be enabled after the sta has been uploaded to the driver,\notherwise it could end up passing the not-yet-uploaded sta via drv_tx calls\nto the driver, leading to potential crashes because of uninitialized drv_priv\ndata.\nAdd a missing sta-\u003euploaded check and re-check fast xmit after inserting a sta.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26779",
"url": "https://www.suse.com/security/cve/CVE-2024-26779"
},
{
"category": "external",
"summary": "SUSE Bug 1222772 for CVE-2024-26779",
"url": "https://bugzilla.suse.com/1222772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26779"
},
{
"cve": "CVE-2024-26791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: dev-replace: properly validate device names\n\nThere\u0027s a syzbot report that device name buffers passed to device\nreplace are not properly checked for string termination which could lead\nto a read out of bounds in getname_kernel().\n\nAdd a helper that validates both source and target device name buffers.\nFor devid as the source initialize the buffer to empty string in case\nsomething tries to read it later.\n\nThis was originally analyzed and fixed in a different way by Edward Adam\nDavis (see links).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26791",
"url": "https://www.suse.com/security/cve/CVE-2024-26791"
},
{
"category": "external",
"summary": "SUSE Bug 1222793 for CVE-2024-26791",
"url": "https://bugzilla.suse.com/1222793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()\n\nThe gtp_link_ops operations structure for the subsystem must be\nregistered after registering the gtp_net_ops pernet operations structure.\n\nSyzkaller hit \u0027general protection fault in gtp_genl_dump_pdp\u0027 bug:\n\n[ 1010.702740] gtp: GTP module unloaded\n[ 1010.715877] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI\n[ 1010.715888] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n[ 1010.715895] CPU: 1 PID: 128616 Comm: a.out Not tainted 6.8.0-rc6-std-def-alt1 #1\n[ 1010.715899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\n[ 1010.715908] RIP: 0010:gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.715915] Code: 80 3c 02 00 0f 85 41 04 00 00 48 8b bb d8 05 00 00 e8 ed f6 ff ff 48 89 c2 48 89 c5 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4f 04 00 00 4c 89 e2 4c 8b 6d 00 48 b8 00 00 00\n[ 1010.715920] RSP: 0018:ffff888020fbf180 EFLAGS: 00010203\n[ 1010.715929] RAX: dffffc0000000000 RBX: ffff88800399c000 RCX: 0000000000000000\n[ 1010.715933] RDX: 0000000000000001 RSI: ffffffff84805280 RDI: 0000000000000282\n[ 1010.715938] RBP: 000000000000000d R08: 0000000000000001 R09: 0000000000000000\n[ 1010.715942] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800399cc80\n[ 1010.715947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000400\n[ 1010.715953] FS: 00007fd1509ab5c0(0000) GS:ffff88805b300000(0000) knlGS:0000000000000000\n[ 1010.715958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1010.715962] CR2: 0000000000000000 CR3: 000000001c07a000 CR4: 0000000000750ee0\n[ 1010.715968] PKRU: 55555554\n[ 1010.715972] Call Trace:\n[ 1010.715985] ? __die_body.cold+0x1a/0x1f\n[ 1010.715995] ? die_addr+0x43/0x70\n[ 1010.716002] ? exc_general_protection+0x199/0x2f0\n[ 1010.716016] ? asm_exc_general_protection+0x1e/0x30\n[ 1010.716026] ? gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.716034] ? gtp_net_exit+0x150/0x150 [gtp]\n[ 1010.716042] __rtnl_newlink+0x1063/0x1700\n[ 1010.716051] ? rtnl_setlink+0x3c0/0x3c0\n[ 1010.716063] ? is_bpf_text_address+0xc0/0x1f0\n[ 1010.716070] ? kernel_text_address.part.0+0xbb/0xd0\n[ 1010.716076] ? __kernel_text_address+0x56/0xa0\n[ 1010.716084] ? unwind_get_return_address+0x5a/0xa0\n[ 1010.716091] ? create_prof_cpu_mask+0x30/0x30\n[ 1010.716098] ? arch_stack_walk+0x9e/0xf0\n[ 1010.716106] ? stack_trace_save+0x91/0xd0\n[ 1010.716113] ? stack_trace_consume_entry+0x170/0x170\n[ 1010.716121] ? __lock_acquire+0x15c5/0x5380\n[ 1010.716139] ? mark_held_locks+0x9e/0xe0\n[ 1010.716148] ? kmem_cache_alloc_trace+0x35f/0x3c0\n[ 1010.716155] ? __rtnl_newlink+0x1700/0x1700\n[ 1010.716160] rtnl_newlink+0x69/0xa0\n[ 1010.716166] rtnetlink_rcv_msg+0x43b/0xc50\n[ 1010.716172] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716179] ? lock_acquire+0x1fe/0x560\n[ 1010.716188] ? netlink_deliver_tap+0x12f/0xd50\n[ 1010.716196] netlink_rcv_skb+0x14d/0x440\n[ 1010.716202] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716208] ? netlink_ack+0xab0/0xab0\n[ 1010.716213] ? netlink_deliver_tap+0x202/0xd50\n[ 1010.716220] ? netlink_deliver_tap+0x218/0xd50\n[ 1010.716226] ? __virt_addr_valid+0x30b/0x590\n[ 1010.716233] netlink_unicast+0x54b/0x800\n[ 1010.716240] ? netlink_attachskb+0x870/0x870\n[ 1010.716248] ? __check_object_size+0x2de/0x3b0\n[ 1010.716254] netlink_sendmsg+0x938/0xe40\n[ 1010.716261] ? netlink_unicast+0x800/0x800\n[ 1010.716269] ? __import_iovec+0x292/0x510\n[ 1010.716276] ? netlink_unicast+0x800/0x800\n[ 1010.716284] __sock_sendmsg+0x159/0x190\n[ 1010.716290] ____sys_sendmsg+0x712/0x880\n[ 1010.716297] ? sock_write_iter+0x3d0/0x3d0\n[ 1010.716304] ? __ia32_sys_recvmmsg+0x270/0x270\n[ 1010.716309] ? lock_acquire+0x1fe/0x560\n[ 1010.716315] ? drain_array_locked+0x90/0x90\n[ 1010.716324] ___sys_sendmsg+0xf8/0x170\n[ 1010.716331] ? sendmsg_copy_msghdr+0x170/0x170\n[ 1010.716337] ? lockdep_init_map\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26793",
"url": "https://www.suse.com/security/cve/CVE-2024-26793"
},
{
"category": "external",
"summary": "SUSE Bug 1222428 for CVE-2024-26793",
"url": "https://bugzilla.suse.com/1222428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26793"
},
{
"cve": "CVE-2024-26805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Fix kernel-infoleak-after-free in __skb_datagram_iter\n\nsyzbot reported the following uninit-value access issue [1]:\n\nnetlink_to_full_skb() creates a new `skb` and puts the `skb-\u003edata`\npassed as a 1st arg of netlink_to_full_skb() onto new `skb`. The data\nsize is specified as `len` and passed to skb_put_data(). This `len`\nis based on `skb-\u003eend` that is not data offset but buffer offset. The\n`skb-\u003eend` contains data and tailroom. Since the tailroom is not\ninitialized when the new `skb` created, KMSAN detects uninitialized\nmemory area when copying the data.\n\nThis patch resolved this issue by correct the len from `skb-\u003eend` to\n`skb-\u003elen`, which is the actual data offset.\n\nBUG: KMSAN: kernel-infoleak-after-free in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in copy_to_user_iter lib/iov_iter.c:24 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_ubuf include/linux/iov_iter.h:29 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance include/linux/iov_iter.h:271 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n copy_to_iter include/linux/uio.h:197 [inline]\n simple_copy_to_iter+0x68/0xa0 net/core/datagram.c:532\n __skb_datagram_iter+0x123/0xdc0 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:3960 [inline]\n packet_recvmsg+0xd9c/0x2000 net/packet/af_packet.c:3482\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg net/socket.c:1066 [inline]\n sock_read_iter+0x467/0x580 net/socket.c:1136\n call_read_iter include/linux/fs.h:2014 [inline]\n new_sync_read fs/read_write.c:389 [inline]\n vfs_read+0x8f6/0xe00 fs/read_write.c:470\n ksys_read+0x20f/0x4c0 fs/read_write.c:613\n __do_sys_read fs/read_write.c:623 [inline]\n __se_sys_read fs/read_write.c:621 [inline]\n __x64_sys_read+0x93/0xd0 fs/read_write.c:621\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was stored to memory at:\n skb_put_data include/linux/skbuff.h:2622 [inline]\n netlink_to_full_skb net/netlink/af_netlink.c:181 [inline]\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:298 [inline]\n __netlink_deliver_tap+0x5be/0xc90 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338 [inline]\n netlink_deliver_tap_kernel net/netlink/af_netlink.c:347 [inline]\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x10f1/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1087 [inline]\n free_unref_page_prepare+0xb0/0xa40 mm/page_alloc.c:2347\n free_unref_page_list+0xeb/0x1100 mm/page_alloc.c:2533\n release_pages+0x23d3/0x2410 mm/swap.c:1042\n free_pages_and_swap_cache+0xd9/0xf0 mm/swap_state.c:316\n tlb_batch_pages\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26805",
"url": "https://www.suse.com/security/cve/CVE-2024-26805"
},
{
"category": "external",
"summary": "SUSE Bug 1222630 for CVE-2024-26805",
"url": "https://bugzilla.suse.com/1222630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26805"
},
{
"cve": "CVE-2024-26816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26816",
"url": "https://www.suse.com/security/cve/CVE-2024-26816"
},
{
"category": "external",
"summary": "SUSE Bug 1222624 for CVE-2024-26816",
"url": "https://bugzilla.suse.com/1222624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26816"
},
{
"cve": "CVE-2024-26817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: use calloc instead of kzalloc to avoid integer overflow\n\nThis uses calloc instead of doing the multiplication which might\noverflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26817",
"url": "https://www.suse.com/security/cve/CVE-2024-26817"
},
{
"category": "external",
"summary": "SUSE Bug 1222812 for CVE-2024-26817",
"url": "https://bugzilla.suse.com/1222812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26817"
},
{
"cve": "CVE-2024-26839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix a memleak in init_credit_return\n\nWhen dma_alloc_coherent fails to allocate dd-\u003ecr_base[i].va,\ninit_credit_return should deallocate dd-\u003ecr_base and\ndd-\u003ecr_base[i] that allocated before. Or those resources\nwould be never freed and a memleak is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26839",
"url": "https://www.suse.com/security/cve/CVE-2024-26839"
},
{
"category": "external",
"summary": "SUSE Bug 1222975 for CVE-2024-26839",
"url": "https://bugzilla.suse.com/1222975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "low"
}
],
"title": "CVE-2024-26839"
},
{
"cve": "CVE-2024-26840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [\u003cffffffff8eb8a1a5\u003e] kmem_cache_alloc+0x2d5/0x370\n [\u003cffffffff8e917f86\u003e] prepare_creds+0x26/0x2e0\n [\u003cffffffffc002eeef\u003e] cachefiles_determine_cache_security+0x1f/0x120\n [\u003cffffffffc00243ec\u003e] cachefiles_add_cache+0x13c/0x3a0\n [\u003cffffffffc0025216\u003e] cachefiles_daemon_write+0x146/0x1c0\n [\u003cffffffff8ebc4a3b\u003e] vfs_write+0xcb/0x520\n [\u003cffffffff8ebc5069\u003e] ksys_write+0x69/0xf0\n [\u003cffffffff8f6d4662\u003e] do_syscall_64+0x72/0x140\n [\u003cffffffff8f8000aa\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26840",
"url": "https://www.suse.com/security/cve/CVE-2024-26840"
},
{
"category": "external",
"summary": "SUSE Bug 1222976 for CVE-2024-26840",
"url": "https://bugzilla.suse.com/1222976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "low"
}
],
"title": "CVE-2024-26840"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()\n\nThe function ice_bridge_setlink() may encounter a NULL pointer dereference\nif nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently\nin nla_for_each_nested(). To address this issue, add a check to ensure that\nbr_spec is not NULL before proceeding with the nested attribute iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26855",
"url": "https://www.suse.com/security/cve/CVE-2024-26855"
},
{
"category": "external",
"summary": "SUSE Bug 1223051 for CVE-2024-26855",
"url": "https://bugzilla.suse.com/1223051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26855"
},
{
"cve": "CVE-2024-26857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: make sure to pull inner header in geneve_rx()\n\nsyzbot triggered a bug in geneve_rx() [1]\n\nIssue is similar to the one I fixed in commit 8d975c15c0cd\n(\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\n[1]\nBUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in geneve_rx drivers/net/geneve.c:279 [inline]\n BUG: KMSAN: uninit-value in geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n geneve_rx drivers/net/geneve.c:279 [inline]\n geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n udp_queue_rcv_one_skb+0x1d39/0x1f20 net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x6ae/0x6e0 net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x184/0x4b0 net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x1c6b/0x3010 net/ipv4/udp.c:2422\n udp_rcv+0x7d/0xa0 net/ipv4/udp.c:2604\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n process_backlog+0x480/0x8b0 net/core/dev.c:5976\n __napi_poll+0xe3/0x980 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x8b8/0x1870 net/core/dev.c:6778\n __do_softirq+0x1b7/0x7c5 kernel/softirq.c:553\n do_softirq+0x9a/0xf0 kernel/softirq.c:454\n __local_bh_enable_ip+0x9b/0xa0 kernel/softirq.c:381\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:820 [inline]\n __dev_queue_xmit+0x2768/0x51c0 net/core/dev.c:4378\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x5cb/0xbc0 mm/slub.c:3903\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x352/0x790 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1296 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6394\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2783\n packet_alloc_skb net/packet/af_packet.c:2930 [inline]\n packet_snd net/packet/af_packet.c:3024 [inline]\n packet_sendmsg+0x70c2/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26857",
"url": "https://www.suse.com/security/cve/CVE-2024-26857"
},
{
"category": "external",
"summary": "SUSE Bug 1223058 for CVE-2024-26857",
"url": "https://bugzilla.suse.com/1223058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26857"
},
{
"cve": "CVE-2024-26859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/bnx2x: Prevent access to a freed page in page_pool\n\nFix race condition leading to system crash during EEH error handling\n\nDuring EEH error recovery, the bnx2x driver\u0027s transmit timeout logic\ncould cause a race condition when handling reset tasks. The\nbnx2x_tx_timeout() schedules reset tasks via bnx2x_sp_rtnl_task(),\nwhich ultimately leads to bnx2x_nic_unload(). In bnx2x_nic_unload()\nSGEs are freed using bnx2x_free_rx_sge_range(). However, this could\noverlap with the EEH driver\u0027s attempt to reset the device using\nbnx2x_io_slot_reset(), which also tries to free SGEs. This race\ncondition can result in system crashes due to accessing freed memory\nlocations in bnx2x_free_rx_sge()\n\n799 static inline void bnx2x_free_rx_sge(struct bnx2x *bp,\n800\t\t\t\tstruct bnx2x_fastpath *fp, u16 index)\n801 {\n802\tstruct sw_rx_page *sw_buf = \u0026fp-\u003erx_page_ring[index];\n803 struct page *page = sw_buf-\u003epage;\n....\nwhere sw_buf was set to NULL after the call to dma_unmap_page()\nby the preceding thread.\n\n EEH: Beginning: \u0027slot_reset\u0027\n PCI 0011:01:00.0#10000: EEH: Invoking bnx2x-\u003eslot_reset()\n bnx2x: [bnx2x_io_slot_reset:14228(eth1)]IO slot reset initializing...\n bnx2x 0011:01:00.0: enabling device (0140 -\u003e 0142)\n bnx2x: [bnx2x_io_slot_reset:14244(eth1)]IO slot reset --\u003e driver unload\n Kernel attempted to read user page (0) - exploit attempt? (uid: 0)\n BUG: Kernel NULL pointer dereference on read at 0x00000000\n Faulting instruction address: 0xc0080000025065fc\n Oops: Kernel access of bad area, sig: 11 [#1]\n .....\n Call Trace:\n [c000000003c67a20] [c00800000250658c] bnx2x_io_slot_reset+0x204/0x610 [bnx2x] (unreliable)\n [c000000003c67af0] [c0000000000518a8] eeh_report_reset+0xb8/0xf0\n [c000000003c67b60] [c000000000052130] eeh_pe_report+0x180/0x550\n [c000000003c67c70] [c00000000005318c] eeh_handle_normal_event+0x84c/0xa60\n [c000000003c67d50] [c000000000053a84] eeh_event_handler+0xf4/0x170\n [c000000003c67da0] [c000000000194c58] kthread+0x1c8/0x1d0\n [c000000003c67e10] [c00000000000cf64] ret_from_kernel_thread+0x5c/0x64\n\nTo solve this issue, we need to verify page pool allocations before\nfreeing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26859",
"url": "https://www.suse.com/security/cve/CVE-2024-26859"
},
{
"category": "external",
"summary": "SUSE Bug 1223049 for CVE-2024-26859",
"url": "https://bugzilla.suse.com/1223049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26859"
},
{
"cve": "CVE-2024-26876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: adv7511: fix crash on irq during probe\n\nMoved IRQ registration down to end of adv7511_probe().\n\nIf an IRQ already is pending during adv7511_probe\n(before adv7511_cec_init) then cec_received_msg_ts\ncould crash using uninitialized data:\n\n Unable to handle kernel read from unreadable memory at virtual address 00000000000003d5\n Internal error: Oops: 96000004 [#1] PREEMPT_RT SMP\n Call trace:\n cec_received_msg_ts+0x48/0x990 [cec]\n adv7511_cec_irq_process+0x1cc/0x308 [adv7511]\n adv7511_irq_process+0xd8/0x120 [adv7511]\n adv7511_irq_handler+0x1c/0x30 [adv7511]\n irq_thread_fn+0x30/0xa0\n irq_thread+0x14c/0x238\n kthread+0x190/0x1a8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26876",
"url": "https://www.suse.com/security/cve/CVE-2024-26876"
},
{
"category": "external",
"summary": "SUSE Bug 1223119 for CVE-2024-26876",
"url": "https://bugzilla.suse.com/1223119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26876"
},
{
"cve": "CVE-2024-26878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t drop_dquot_ref\n\t\t\t\t\t remove_dquot_ref\n\t\t\t\t\t dquots = i_dquot(inode)\n dquots = i_dquot(inode)\n srcu_read_lock\n dquots[cnt]) != NULL (1)\n\t\t\t\t\t dquots[type] = NULL (2)\n spin_lock(\u0026dquots[cnt]-\u003edq_dqb_lock) (3)\n ....\n\nIf dquot_free_inode(or other routines) checks inode\u0027s quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let\u0027s fix it by using a temporary pointer to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26878",
"url": "https://www.suse.com/security/cve/CVE-2024-26878"
},
{
"category": "external",
"summary": "SUSE Bug 1223060 for CVE-2024-26878",
"url": "https://bugzilla.suse.com/1223060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26878"
},
{
"cve": "CVE-2024-26883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stackmap overflow check on 32-bit arches\n\nThe stackmap code relies on roundup_pow_of_two() to compute the number\nof hash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code.\n\nThe commit in the fixes tag actually attempted to fix this, but the fix\ndid not account for the UB, so the fix only works on CPUs where an\noverflow does result in a neat truncation to zero, which is not\nguaranteed. Checking the value before rounding does not have this\nproblem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26883",
"url": "https://www.suse.com/security/cve/CVE-2024-26883"
},
{
"category": "external",
"summary": "SUSE Bug 1223035 for CVE-2024-26883",
"url": "https://bugzilla.suse.com/1223035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26883"
},
{
"cve": "CVE-2024-26884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix hashtab overflow check on 32-bit arches\n\nThe hashtab code relies on roundup_pow_of_two() to compute the number of\nhash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code. So apply the same\nfix to hashtab, by moving the overflow check to before the roundup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26884",
"url": "https://www.suse.com/security/cve/CVE-2024-26884"
},
{
"category": "external",
"summary": "SUSE Bug 1223189 for CVE-2024-26884",
"url": "https://bugzilla.suse.com/1223189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26884"
},
{
"cve": "CVE-2024-26898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\n\nThis patch is against CVE-2023-6270. The description of cve is:\n\n A flaw was found in the ATA over Ethernet (AoE) driver in the Linux\n kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on\n `struct net_device`, and a use-after-free can be triggered by racing\n between the free on the struct and the access through the `skbtxq`\n global queue. This could lead to a denial of service condition or\n potential code execution.\n\nIn aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial\ncode is finished. But the net_device ifp will still be used in\nlater tx()-\u003edev_queue_xmit() in kthread. Which means that the\ndev_put(ifp) should NOT be called in the success path of skb\ninitial code in aoecmd_cfg_pkts(). Otherwise tx() may run into\nuse-after-free because the net_device is freed.\n\nThis patch removed the dev_put(ifp) in the success path in\naoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26898",
"url": "https://www.suse.com/security/cve/CVE-2024-26898"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1223017 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-26901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak\n\nsyzbot identified a kernel information leak vulnerability in\ndo_sys_name_to_handle() and issued the following report [1].\n\n[1]\n\"BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n do_sys_name_to_handle fs/fhandle.c:73 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n __do_kmalloc_node mm/slab_common.c:1006 [inline]\n __kmalloc+0x121/0x3c0 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n do_sys_name_to_handle fs/fhandle.c:39 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nBytes 18-19 of 20 are uninitialized\nMemory access of size 20 starts at ffff888128a46380\nData copied to user address 0000000020000240\"\n\nPer Chuck Lever\u0027s suggestion, use kzalloc() instead of kmalloc() to\nsolve the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26901",
"url": "https://www.suse.com/security/cve/CVE-2024-26901"
},
{
"category": "external",
"summary": "SUSE Bug 1223198 for CVE-2024-26901",
"url": "https://bugzilla.suse.com/1223198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26901"
},
{
"cve": "CVE-2024-26903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security\n\nDuring our fuzz testing of the connection and disconnection process at the\nRFCOMM layer, we discovered this bug. By comparing the packets from a\nnormal connection and disconnection process with the testcase that\ntriggered a KASAN report. We analyzed the cause of this bug as follows:\n\n1. In the packets captured during a normal connection, the host sends a\n`Read Encryption Key Size` type of `HCI_CMD` packet\n(Command Opcode: 0x1408) to the controller to inquire the length of\nencryption key.After receiving this packet, the controller immediately\nreplies with a Command Completepacket (Event Code: 0x0e) to return the\nEncryption Key Size.\n\n2. In our fuzz test case, the timing of the controller\u0027s response to this\npacket was delayed to an unexpected point: after the RFCOMM and L2CAP\nlayers had disconnected but before the HCI layer had disconnected.\n\n3. After receiving the Encryption Key Size Response at the time described\nin point 2, the host still called the rfcomm_check_security function.\nHowever, by this time `struct l2cap_conn *conn = l2cap_pi(sk)-\u003echan-\u003econn;`\nhad already been released, and when the function executed\n`return hci_conn_security(conn-\u003ehcon, d-\u003esec_level, auth_type, d-\u003eout);`,\nspecifically when accessing `conn-\u003ehcon`, a null-ptr-deref error occurred.\n\nTo fix this bug, check if `sk-\u003esk_state` is BT_CLOSED before calling\nrfcomm_recv_frame in rfcomm_process_rx.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26903",
"url": "https://www.suse.com/security/cve/CVE-2024-26903"
},
{
"category": "external",
"summary": "SUSE Bug 1223187 for CVE-2024-26903",
"url": "https://bugzilla.suse.com/1223187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26903"
},
{
"cve": "CVE-2024-26907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26907"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix fortify source warning while accessing Eth segment\n\n ------------[ cut here ]------------\n memcpy: detected field-spanning write (size 56) of single field \"eseg-\u003einline_hdr.start\" at /var/lib/dkms/mlnx-ofed-kernel/5.8/build/drivers/infiniband/hw/mlx5/wr.c:131 (size 2)\n WARNING: CPU: 0 PID: 293779 at /var/lib/dkms/mlnx-ofed-kernel/5.8/build/drivers/infiniband/hw/mlx5/wr.c:131 mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n Modules linked in: 8021q garp mrp stp llc rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) ib_core(OE) mlx5_core(OE) pci_hyperv_intf mlxdevm(OE) mlx_compat(OE) tls mlxfw(OE) psample nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink mst_pciconf(OE) knem(OE) vfio_pci vfio_pci_core vfio_iommu_type1 vfio iommufd irqbypass cuse nfsv3 nfs fscache netfs xfrm_user xfrm_algo ipmi_devintf ipmi_msghandler binfmt_misc crct10dif_pclmul crc32_pclmul polyval_clmulni polyval_generic ghash_clmulni_intel sha512_ssse3 snd_pcsp aesni_intel crypto_simd cryptd snd_pcm snd_timer joydev snd soundcore input_leds serio_raw evbug nfsd auth_rpcgss nfs_acl lockd grace sch_fq_codel sunrpc drm efi_pstore ip_tables x_tables autofs4 psmouse virtio_net net_failover failover floppy\n [last unloaded: mlx_compat(OE)]\n CPU: 0 PID: 293779 Comm: ssh Tainted: G OE 6.2.0-32-generic #32~22.04.1-Ubuntu\n Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\n RIP: 0010:mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n Code: 0c 01 00 a8 01 75 25 48 8b 75 a0 b9 02 00 00 00 48 c7 c2 10 5b fd c0 48 c7 c7 80 5b fd c0 c6 05 57 0c 03 00 01 e8 95 4d 93 da \u003c0f\u003e 0b 44 8b 4d b0 4c 8b 45 c8 48 8b 4d c0 e9 49 fb ff ff 41 0f b7\n RSP: 0018:ffffb5b48478b570 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffb5b48478b628 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffb5b48478b5e8\n R13: ffff963a3c609b5e R14: ffff9639c3fbd800 R15: ffffb5b480475a80\n FS: 00007fc03b444c80(0000) GS:ffff963a3dc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000556f46bdf000 CR3: 0000000006ac6003 CR4: 00000000003706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x72/0x90\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n ? __warn+0x8d/0x160\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n ? report_bug+0x1bb/0x1d0\n ? handle_bug+0x46/0x90\n ? exc_invalid_op+0x19/0x80\n ? asm_exc_invalid_op+0x1b/0x20\n ? mlx5_ib_post_send+0x191b/0x1a60 [mlx5_ib]\n mlx5_ib_post_send_nodrain+0xb/0x20 [mlx5_ib]\n ipoib_send+0x2ec/0x770 [ib_ipoib]\n ipoib_start_xmit+0x5a0/0x770 [ib_ipoib]\n dev_hard_start_xmit+0x8e/0x1e0\n ? validate_xmit_skb_list+0x4d/0x80\n sch_direct_xmit+0x116/0x3a0\n __dev_xmit_skb+0x1fd/0x580\n __dev_queue_xmit+0x284/0x6b0\n ? _raw_spin_unlock_irq+0xe/0x50\n ? __flush_work.isra.0+0x20d/0x370\n ? push_pseudo_header+0x17/0x40 [ib_ipoib]\n neigh_connected_output+0xcd/0x110\n ip_finish_output2+0x179/0x480\n ? __smp_call_single_queue+0x61/0xa0\n __ip_finish_output+0xc3/0x190\n ip_finish_output+0x2e/0xf0\n ip_output+0x78/0x110\n ? __pfx_ip_finish_output+0x10/0x10\n ip_local_out+0x64/0x70\n __ip_queue_xmit+0x18a/0x460\n ip_queue_xmit+0x15/0x30\n __tcp_transmit_skb+0x914/0x9c0\n tcp_write_xmit+0x334/0x8d0\n tcp_push_one+0x3c/0x60\n tcp_sendmsg_locked+0x2e1/0xac0\n tcp_sendmsg+0x2d/0x50\n inet_sendmsg+0x43/0x90\n sock_sendmsg+0x68/0x80\n sock_write_iter+0x93/0x100\n vfs_write+0x326/0x3c0\n ksys_write+0xbd/0xf0\n ? do_syscall_64+0x69/0x90\n __x64_sys_write+0x19/0x30\n do_syscall_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26907",
"url": "https://www.suse.com/security/cve/CVE-2024-26907"
},
{
"category": "external",
"summary": "SUSE Bug 1223203 for CVE-2024-26907",
"url": "https://bugzilla.suse.com/1223203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26907"
},
{
"cve": "CVE-2024-26922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: validate the parameters of bo mapping operations more clearly\n\nVerify the parameters of\namdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26922",
"url": "https://www.suse.com/security/cve/CVE-2024-26922"
},
{
"category": "external",
"summary": "SUSE Bug 1223315 for CVE-2024-26922",
"url": "https://bugzilla.suse.com/1223315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26922"
},
{
"cve": "CVE-2024-26929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26929"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26929",
"url": "https://www.suse.com/security/cve/CVE-2024-26929"
},
{
"category": "external",
"summary": "SUSE Bug 1223715 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "external",
"summary": "SUSE Bug 1223716 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix command flush on cable pull\n\nSystem crash due to command failed to flush back to SCSI layer.\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 \u003c49\u003e 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200.\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0\n ? __switch_to+0x10c/0x450\n ? process_one_work+0x1a7/0x360\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201.\n ? worker_thread+0x1ce/0x390\n ? create_worker+0x1a0/0x1a0\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70\n ? kthread+0x10a/0x120\n qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8\n ? set_kthread_struct+0x40/0x40\n qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed.\n ? ret_from_fork+0x1f/0x40\n qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout\n\nThe system was under memory stress where driver was not able to allocate an\nSRB to carry out error recovery of cable pull. The failure to flush causes\nupper layer to start modifying scsi_cmnd. When the system frees up some\nmemory, the subsequent cable pull trigger another command flush. At this\npoint the driver access a null pointer when attempting to DMA unmap the\nSGL.\n\nAdd a check to make sure commands are flush back on session tear down to\nprevent the null pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26931",
"url": "https://www.suse.com/security/cve/CVE-2024-26931"
},
{
"category": "external",
"summary": "SUSE Bug 1223627 for CVE-2024-26931",
"url": "https://bugzilla.suse.com/1223627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add a dc_state NULL check in dc_state_release\n\n[How]\nCheck wheather state is NULL before releasing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26948",
"url": "https://www.suse.com/security/cve/CVE-2024-26948"
},
{
"category": "external",
"summary": "SUSE Bug 1223664 for CVE-2024-26948",
"url": "https://bugzilla.suse.com/1223664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26948"
},
{
"cve": "CVE-2024-26993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26993",
"url": "https://www.suse.com/security/cve/CVE-2024-26993"
},
{
"category": "external",
"summary": "SUSE Bug 1223693 for CVE-2024-26993",
"url": "https://bugzilla.suse.com/1223693"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-27008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: nv04: Fix out of bounds access\n\nWhen Output Resource (dcb-\u003eor) value is assigned in\nfabricate_dcb_output(), there may be out of bounds access to\ndac_users array in case dcb-\u003eor is zero because ffs(dcb-\u003eor) is\nused as index there.\nThe \u0027or\u0027 argument of fabricate_dcb_output() must be interpreted as a\nnumber of bit to set, not value.\n\nUtilize macros from \u0027enum nouveau_or\u0027 in calls instead of hardcoding.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27008",
"url": "https://www.suse.com/security/cve/CVE-2024-27008"
},
{
"category": "external",
"summary": "SUSE Bug 1223802 for CVE-2024-27008",
"url": "https://bugzilla.suse.com/1223802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27008"
},
{
"cve": "CVE-2024-27013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: limit printing rate when illegal packet received by tun dev\n\nvhost_worker will call tun call backs to receive packets. If too many\nillegal packets arrives, tun_do_read will keep dumping packet contents.\nWhen console is enabled, it will costs much more cpu time to dump\npacket and soft lockup will be detected.\n\nnet_ratelimit mechanism can be used to limit the dumping rate.\n\nPID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: \"vhost-32980\"\n #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253\n #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3\n #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e\n #3 [fffffe00003fced0] do_nmi at ffffffff8922660d\n #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663\n [exception RIP: io_serial_in+20]\n RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002\n RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000\n RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff8af428a0\n RBP: 0000000000002710 R8: 0000000000000004 R9: 000000000000000f\n R10: 0000000000000000 R11: ffffffff8acbf64f R12: 0000000000000020\n R13: ffffffff8acbf698 R14: 0000000000000058 R15: 0000000000000000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #5 [ffffa655314979e8] io_serial_in at ffffffff89792594\n #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470\n #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6\n #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605\n #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558\n #10 [ffffa65531497ac8] console_unlock at ffffffff89316124\n #11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07\n #12 [ffffa65531497b68] printk at ffffffff89318306\n #13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765\n #14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]\n #15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]\n #16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]\n #17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]\n #18 [ffffa65531497f10] kthread at ffffffff892d2e72\n #19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27013",
"url": "https://www.suse.com/security/cve/CVE-2024-27013"
},
{
"category": "external",
"summary": "SUSE Bug 1223745 for CVE-2024-27013",
"url": "https://bugzilla.suse.com/1223745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Prevent deadlock while disabling aRFS\n\nWhen disabling aRFS under the `priv-\u003estate_lock`, any scheduled\naRFS works are canceled using the `cancel_work_sync` function,\nwhich waits for the work to end if it has already started.\nHowever, while waiting for the work handler, the handler will\ntry to acquire the `state_lock` which is already acquired.\n\nThe worker acquires the lock to delete the rules if the state\nis down, which is not the worker\u0027s responsibility since\ndisabling aRFS deletes the rules.\n\nAdd an aRFS state variable, which indicates whether the aRFS is\nenabled and prevent adding rules when the aRFS is disabled.\n\nKernel log:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.7.0-rc4_net_next_mlx5_5483eb2 #1 Tainted: G I\n------------------------------------------------------\nethtool/386089 is trying to acquire lock:\nffff88810f21ce68 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}, at: __flush_work+0x74/0x4e0\n\nbut task is already holding lock:\nffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026priv-\u003estate_lock){+.+.}-{3:3}:\n __mutex_lock+0x80/0xc90\n arfs_handle_work+0x4b/0x3b0 [mlx5_core]\n process_one_work+0x1dc/0x4a0\n worker_thread+0x1bf/0x3c0\n kthread+0xd7/0x100\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n\n-\u003e #0 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}:\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n __flush_work+0x7a/0x4e0\n __cancel_work_timer+0x131/0x1c0\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1a1/0x270\n netlink_sendmsg+0x214/0x460\n __sock_sendmsg+0x38/0x60\n __sys_sendto+0x113/0x170\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n\n *** DEADLOCK ***\n\n3 locks held by ethtool/386089:\n #0: ffffffff82ea7210 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40\n #1: ffffffff82e94c88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0xd3/0x240\n #2: ffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nstack backtrace:\nCPU: 15 PID: 386089 Comm: ethtool Tainted: G I 6.7.0-rc4_net_next_mlx5_5483eb2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x60/0xa0\n check_noncircular+0x144/0x160\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n ? __flush_work+0x74/0x4e0\n ? save_trace+0x3e/0x360\n ? __flush_work+0x74/0x4e0\n __flush_work+0x7a/0x4e0\n ? __flush_work+0x74/0x4e0\n ? __lock_acquire+0xa78/0x2c80\n ? lock_acquire+0xd0/0x2b0\n ? mark_held_locks+0x49/0x70\n __cancel_work_timer+0x131/0x1c0\n ? mark_held_locks+0x49/0x70\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n ? ethn\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27014",
"url": "https://www.suse.com/security/cve/CVE-2024-27014"
},
{
"category": "external",
"summary": "SUSE Bug 1223735 for CVE-2024-27014",
"url": "https://bugzilla.suse.com/1223735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27014"
},
{
"cve": "CVE-2024-27043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-\u003e dvb_dmxdev_init\n |-\u003e dvb_register_device\n |-\u003e dvb_dmxdev_release\n |-\u003e dvb_unregister_device\n |-\u003e dvb_remove_device\n |-\u003e dvb_device_put\n |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27043",
"url": "https://www.suse.com/security/cve/CVE-2024-27043"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223824 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "external",
"summary": "SUSE Bug 1223825 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "important"
}
],
"title": "CVE-2024-27043"
},
{
"cve": "CVE-2024-27046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27046",
"url": "https://www.suse.com/security/cve/CVE-2024-27046"
},
{
"category": "external",
"summary": "SUSE Bug 1223827 for CVE-2024-27046",
"url": "https://bugzilla.suse.com/1223827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27046"
},
{
"cve": "CVE-2024-27054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27054",
"url": "https://www.suse.com/security/cve/CVE-2024-27054"
},
{
"category": "external",
"summary": "SUSE Bug 1223819 for CVE-2024-27054",
"url": "https://bugzilla.suse.com/1223819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: usbtv: Remove useless locks in usbtv_video_free()\n\nRemove locks calls in usbtv_video_free() because\nare useless and may led to a deadlock as reported here:\nhttps://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000\nAlso remove usbtv_stop() call since it will be called when\nunregistering the device.\n\nBefore \u0027c838530d230b\u0027 this issue would only be noticed if you\ndisconnect while streaming and now it is noticeable even when\ndisconnecting while not streaming.\n\n\n[hverkuil: fix minor spelling mistake in log message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27072",
"url": "https://www.suse.com/security/cve/CVE-2024-27072"
},
{
"category": "external",
"summary": "SUSE Bug 1223837 for CVE-2024-27072",
"url": "https://bugzilla.suse.com/1223837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27072"
},
{
"cve": "CVE-2024-27073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ttpci: fix two memleaks in budget_av_attach\n\nWhen saa7146_register_device and saa7146_vv_init fails, budget_av_attach\nshould free the resources it allocates, like the error-handling of\nttpci_budget_init does. Besides, there are two fixme comment refers to\nsuch deallocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27073",
"url": "https://www.suse.com/security/cve/CVE-2024-27073"
},
{
"category": "external",
"summary": "SUSE Bug 1223843 for CVE-2024-27073",
"url": "https://bugzilla.suse.com/1223843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27073"
},
{
"cve": "CVE-2024-27074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: go7007: fix a memleak in go7007_load_encoder\n\nIn go7007_load_encoder, bounce(i.e. go-\u003eboot_fw), is allocated without\na deallocation thereafter. After the following call chain:\n\nsaa7134_go7007_init\n |-\u003e go7007_boot_encoder\n |-\u003e go7007_load_encoder\n |-\u003e kfree(go)\n\ngo is freed and thus bounce is leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27074",
"url": "https://www.suse.com/security/cve/CVE-2024-27074"
},
{
"category": "external",
"summary": "SUSE Bug 1223844 for CVE-2024-27074",
"url": "https://bugzilla.suse.com/1223844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27074"
},
{
"cve": "CVE-2024-27075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: avoid stack overflow warnings with clang\n\nA previous patch worked around a KASAN issue in stv0367, now a similar\nproblem showed up with clang:\n\ndrivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in \u0027stv0367ter_set_frontend\u0027 [-Werror,-Wframe-larger-than]\n 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe)\n\nRework the stv0367_writereg() function to be simpler and mark both\nregister access functions as noinline_for_stack so the temporary\ni2c_msg structures do not get duplicated on the stack when KASAN_STACK\nis enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27075",
"url": "https://www.suse.com/security/cve/CVE-2024-27075"
},
{
"category": "external",
"summary": "SUSE Bug 1223842 for CVE-2024-27075",
"url": "https://bugzilla.suse.com/1223842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27075"
},
{
"cve": "CVE-2024-27078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-tpg: fix some memleaks in tpg_alloc\n\nIn tpg_alloc, resources should be deallocated in each and every\nerror-handling paths, since they are allocated in for statements.\nOtherwise there would be memleaks because tpg_free is called only when\ntpg_alloc return 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27078",
"url": "https://www.suse.com/security/cve/CVE-2024-27078"
},
{
"category": "external",
"summary": "SUSE Bug 1223781 for CVE-2024-27078",
"url": "https://bugzilla.suse.com/1223781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27078"
},
{
"cve": "CVE-2024-27388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27388",
"url": "https://www.suse.com/security/cve/CVE-2024-27388"
},
{
"category": "external",
"summary": "SUSE Bug 1223744 for CVE-2024-27388",
"url": "https://bugzilla.suse.com/1223744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.182.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.182.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.182.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T13:38:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27388"
}
]
}
suse-su-2025:0035-1
Vulnerability from csaf_suse
Published
2025-01-08 09:47
Modified
2025-01-08 09:47
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48853: swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1228015).
- CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hci_error_reset (bsc#1222413).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).
- CVE-2024-27051: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (bsc#1223769).
- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).
- CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-46771: can: bcm: Remove proc entry when dev is unregistered (bsc#1230766).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49938: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (bsc#1232552).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-50044: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (bsc#1231904).
- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).
- CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520).
- CVE-2024-50074: parport: Proper fix for array out-of-bounds access (bsc#1232507).
- CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent (bsc#1232873).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50117: drm/amd: Guard against bad data for ATIF ACPI method (bsc#1232897).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888).
- CVE-2024-50148: Bluetooth: bnep: fix wild-memory-access in proto_unregister (bsc#1233063).
- CVE-2024-50150: usb: typec: altmode should keep reference to parent (bsc#1233051).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50183: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1233130).
- CVE-2024-50187: drm/vc4: Stop the active perfmon before being destroyed (bsc#1233108).
- CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103).
- CVE-2024-50218: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (bsc#1233191).
- CVE-2024-50234: wifi: iwlegacy: Clear stale interrupts before resuming device (bsc#1233211).
- CVE-2024-50236: wifi: ath10k: Fix memory leak in management tx (bsc#1233212).
- CVE-2024-50237: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (bsc#1233216).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50265: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (bsc#1233454).
- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
- CVE-2024-53066: nfs: Fix KMSAN warning in decode_getfattr_attrs() (bsc#1233560).
- CVE-2024-53085: tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 bsc#1233577).
- CVE-2024-53088: i40e: fix race condition by adding filter's intermediate sync state (bsc#1233580).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).
The following non-security bugs were fixed:
- drm/vc4: Warn if some v3d code is run on BCM2711 (bsc#1233108).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644).
- lpfc: size cpu map by last cpu id set (bsc#1157160).
- net: relax socket state check at accept time (git-fixes).
- ocfs2: uncache inode which has failed entering the group (bsc#1234087).
Patchnames
SUSE-2025-35,SUSE-SLE-SERVER-12-SP5-LTSS-2025-35,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-35
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-48853: swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1228015).\n- CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hci_error_reset (bsc#1222413).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).\n- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).\n- CVE-2024-27051: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value (bsc#1223769).\n- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).\n- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).\n- CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).\n- CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).\n- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).\n- CVE-2024-46771: can: bcm: Remove proc entry when dev is unregistered (bsc#1230766).\n- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).\n- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).\n- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).\n- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()\u0026iput() (bsc#1231930).\n- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).\n- CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251).\n- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).\n- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).\n- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)\n- CVE-2024-49938: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (bsc#1232552).\n- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).\n- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).\n- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).\n- CVE-2024-50044: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (bsc#1231904).\n- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).\n- CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520).\n- CVE-2024-50074: parport: Proper fix for array out-of-bounds access (bsc#1232507).\n- CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent (bsc#1232873).\n- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).\n- CVE-2024-50117: drm/amd: Guard against bad data for ATIF ACPI method (bsc#1232897).\n- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).\n- CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888).\n- CVE-2024-50148: Bluetooth: bnep: fix wild-memory-access in proto_unregister (bsc#1233063).\n- CVE-2024-50150: usb: typec: altmode should keep reference to parent (bsc#1233051).\n- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).\n- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).\n- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).\n- CVE-2024-50183: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1233130).\n- CVE-2024-50187: drm/vc4: Stop the active perfmon before being destroyed (bsc#1233108).\n- CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103).\n- CVE-2024-50218: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (bsc#1233191).\n- CVE-2024-50234: wifi: iwlegacy: Clear stale interrupts before resuming device (bsc#1233211).\n- CVE-2024-50236: wifi: ath10k: Fix memory leak in management tx (bsc#1233212).\n- CVE-2024-50237: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (bsc#1233216).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233453).\n- CVE-2024-50265: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (bsc#1233454).\n- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).\n- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).\n- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).\n- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).\n- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).\n- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).\n- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).\n- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).\n- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).\n- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).\n- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).\n- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).\n- CVE-2024-53066: nfs: Fix KMSAN warning in decode_getfattr_attrs() (bsc#1233560).\n- CVE-2024-53085: tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 bsc#1233577).\n- CVE-2024-53088: i40e: fix race condition by adding filter\u0027s intermediate sync state (bsc#1233580).\n- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).\n- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).\n\nThe following non-security bugs were fixed:\n\n- drm/vc4: Warn if some v3d code is run on BCM2711 (bsc#1233108).\n- initramfs: avoid filename buffer overrun (bsc#1232436).\n- kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644).\n- lpfc: size cpu map by last cpu id set (bsc#1157160).\n- net: relax socket state check at accept time (git-fixes).\n- ocfs2: uncache inode which has failed entering the group (bsc#1234087).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-35,SUSE-SLE-SERVER-12-SP5-LTSS-2025-35,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-35",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0035-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0035-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250035-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0035-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020070.html"
},
{
"category": "self",
"summary": "SUSE Bug 1082555",
"url": "https://bugzilla.suse.com/1082555"
},
{
"category": "self",
"summary": "SUSE Bug 1157160",
"url": "https://bugzilla.suse.com/1157160"
},
{
"category": "self",
"summary": "SUSE Bug 1218644",
"url": "https://bugzilla.suse.com/1218644"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1222364",
"url": "https://bugzilla.suse.com/1222364"
},
{
"category": "self",
"summary": "SUSE Bug 1222413",
"url": "https://bugzilla.suse.com/1222413"
},
{
"category": "self",
"summary": "SUSE Bug 1223044",
"url": "https://bugzilla.suse.com/1223044"
},
{
"category": "self",
"summary": "SUSE Bug 1223057",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "self",
"summary": "SUSE Bug 1223769",
"url": "https://bugzilla.suse.com/1223769"
},
{
"category": "self",
"summary": "SUSE Bug 1224526",
"url": "https://bugzilla.suse.com/1224526"
},
{
"category": "self",
"summary": "SUSE Bug 1225730",
"url": "https://bugzilla.suse.com/1225730"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225764",
"url": "https://bugzilla.suse.com/1225764"
},
{
"category": "self",
"summary": "SUSE Bug 1228015",
"url": "https://bugzilla.suse.com/1228015"
},
{
"category": "self",
"summary": "SUSE Bug 1228650",
"url": "https://bugzilla.suse.com/1228650"
},
{
"category": "self",
"summary": "SUSE Bug 1228708",
"url": "https://bugzilla.suse.com/1228708"
},
{
"category": "self",
"summary": "SUSE Bug 1228779",
"url": "https://bugzilla.suse.com/1228779"
},
{
"category": "self",
"summary": "SUSE Bug 1230231",
"url": "https://bugzilla.suse.com/1230231"
},
{
"category": "self",
"summary": "SUSE Bug 1230429",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "self",
"summary": "SUSE Bug 1230766",
"url": "https://bugzilla.suse.com/1230766"
},
{
"category": "self",
"summary": "SUSE Bug 1230773",
"url": "https://bugzilla.suse.com/1230773"
},
{
"category": "self",
"summary": "SUSE Bug 1230784",
"url": "https://bugzilla.suse.com/1230784"
},
{
"category": "self",
"summary": "SUSE Bug 1230827",
"url": "https://bugzilla.suse.com/1230827"
},
{
"category": "self",
"summary": "SUSE Bug 1231184",
"url": "https://bugzilla.suse.com/1231184"
},
{
"category": "self",
"summary": "SUSE Bug 1231439",
"url": "https://bugzilla.suse.com/1231439"
},
{
"category": "self",
"summary": "SUSE Bug 1231904",
"url": "https://bugzilla.suse.com/1231904"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231930",
"url": "https://bugzilla.suse.com/1231930"
},
{
"category": "self",
"summary": "SUSE Bug 1232157",
"url": "https://bugzilla.suse.com/1232157"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232165",
"url": "https://bugzilla.suse.com/1232165"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232224",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "self",
"summary": "SUSE Bug 1232251",
"url": "https://bugzilla.suse.com/1232251"
},
{
"category": "self",
"summary": "SUSE Bug 1232272",
"url": "https://bugzilla.suse.com/1232272"
},
{
"category": "self",
"summary": "SUSE Bug 1232329",
"url": "https://bugzilla.suse.com/1232329"
},
{
"category": "self",
"summary": "SUSE Bug 1232371",
"url": "https://bugzilla.suse.com/1232371"
},
{
"category": "self",
"summary": "SUSE Bug 1232436",
"url": "https://bugzilla.suse.com/1232436"
},
{
"category": "self",
"summary": "SUSE Bug 1232507",
"url": "https://bugzilla.suse.com/1232507"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232552",
"url": "https://bugzilla.suse.com/1232552"
},
{
"category": "self",
"summary": "SUSE Bug 1232873",
"url": "https://bugzilla.suse.com/1232873"
},
{
"category": "self",
"summary": "SUSE Bug 1232887",
"url": "https://bugzilla.suse.com/1232887"
},
{
"category": "self",
"summary": "SUSE Bug 1232888",
"url": "https://bugzilla.suse.com/1232888"
},
{
"category": "self",
"summary": "SUSE Bug 1232897",
"url": "https://bugzilla.suse.com/1232897"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1232928",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "self",
"summary": "SUSE Bug 1233049",
"url": "https://bugzilla.suse.com/1233049"
},
{
"category": "self",
"summary": "SUSE Bug 1233051",
"url": "https://bugzilla.suse.com/1233051"
},
{
"category": "self",
"summary": "SUSE Bug 1233057",
"url": "https://bugzilla.suse.com/1233057"
},
{
"category": "self",
"summary": "SUSE Bug 1233063",
"url": "https://bugzilla.suse.com/1233063"
},
{
"category": "self",
"summary": "SUSE Bug 1233070",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "self",
"summary": "SUSE Bug 1233097",
"url": "https://bugzilla.suse.com/1233097"
},
{
"category": "self",
"summary": "SUSE Bug 1233103",
"url": "https://bugzilla.suse.com/1233103"
},
{
"category": "self",
"summary": "SUSE Bug 1233108",
"url": "https://bugzilla.suse.com/1233108"
},
{
"category": "self",
"summary": "SUSE Bug 1233111",
"url": "https://bugzilla.suse.com/1233111"
},
{
"category": "self",
"summary": "SUSE Bug 1233123",
"url": "https://bugzilla.suse.com/1233123"
},
{
"category": "self",
"summary": "SUSE Bug 1233130",
"url": "https://bugzilla.suse.com/1233130"
},
{
"category": "self",
"summary": "SUSE Bug 1233191",
"url": "https://bugzilla.suse.com/1233191"
},
{
"category": "self",
"summary": "SUSE Bug 1233211",
"url": "https://bugzilla.suse.com/1233211"
},
{
"category": "self",
"summary": "SUSE Bug 1233212",
"url": "https://bugzilla.suse.com/1233212"
},
{
"category": "self",
"summary": "SUSE Bug 1233216",
"url": "https://bugzilla.suse.com/1233216"
},
{
"category": "self",
"summary": "SUSE Bug 1233453",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "self",
"summary": "SUSE Bug 1233454",
"url": "https://bugzilla.suse.com/1233454"
},
{
"category": "self",
"summary": "SUSE Bug 1233456",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "self",
"summary": "SUSE Bug 1233462",
"url": "https://bugzilla.suse.com/1233462"
},
{
"category": "self",
"summary": "SUSE Bug 1233467",
"url": "https://bugzilla.suse.com/1233467"
},
{
"category": "self",
"summary": "SUSE Bug 1233468",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "self",
"summary": "SUSE Bug 1233478",
"url": "https://bugzilla.suse.com/1233478"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233485",
"url": "https://bugzilla.suse.com/1233485"
},
{
"category": "self",
"summary": "SUSE Bug 1233490",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "self",
"summary": "SUSE Bug 1233491",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "self",
"summary": "SUSE Bug 1233552",
"url": "https://bugzilla.suse.com/1233552"
},
{
"category": "self",
"summary": "SUSE Bug 1233555",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233560",
"url": "https://bugzilla.suse.com/1233560"
},
{
"category": "self",
"summary": "SUSE Bug 1233577",
"url": "https://bugzilla.suse.com/1233577"
},
{
"category": "self",
"summary": "SUSE Bug 1233580",
"url": "https://bugzilla.suse.com/1233580"
},
{
"category": "self",
"summary": "SUSE Bug 1234025",
"url": "https://bugzilla.suse.com/1234025"
},
{
"category": "self",
"summary": "SUSE Bug 1234072",
"url": "https://bugzilla.suse.com/1234072"
},
{
"category": "self",
"summary": "SUSE Bug 1234087",
"url": "https://bugzilla.suse.com/1234087"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48853 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26801 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42131 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42229 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46771 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47660 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50044 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50117 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50148 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50150 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50154 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50167 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50171 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50179 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50183 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50187 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50194 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50195 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50210 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50234 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50265 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50267 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50273 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50278 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50278/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50279 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50289 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50296 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50302 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53066 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53104 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53114 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53142 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53142/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-01-08T09:47:34Z",
"generator": {
"date": "2025-01-08T09:47:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0035-1",
"initial_release_date": "2025-01-08T09:47:34Z",
"revision_history": [
{
"date": "2025-01-08T09:47:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.237.1.noarch",
"product_id": "kernel-devel-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.237.1.noarch",
"product_id": "kernel-macros-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.237.1.noarch",
"product_id": "kernel-source-4.12.14-122.237.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.s390x",
"product_id": "kernel-syms-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2022-48853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: fix info leak with DMA_FROM_DEVICE\n\nThe problem I\u0027m addressing was discovered by the LTP test covering\ncve-2018-1000204.\n\nA short description of what happens follows:\n1) The test case issues a command code 00 (TEST UNIT READY) via the SG_IO\n interface with: dxfer_len == 524288, dxdfer_dir == SG_DXFER_FROM_DEV\n and a corresponding dxferp. The peculiar thing about this is that TUR\n is not reading from the device.\n2) In sg_start_req() the invocation of blk_rq_map_user() effectively\n bounces the user-space buffer. As if the device was to transfer into\n it. Since commit a45b599ad808 (\"scsi: sg: allocate with __GFP_ZERO in\n sg_build_indirect()\") we make sure this first bounce buffer is\n allocated with GFP_ZERO.\n3) For the rest of the story we keep ignoring that we have a TUR, so the\n device won\u0027t touch the buffer we prepare as if the we had a\n DMA_FROM_DEVICE type of situation. My setup uses a virtio-scsi device\n and the buffer allocated by SG is mapped by the function\n virtqueue_add_split() which uses DMA_FROM_DEVICE for the \"in\" sgs (here\n scatter-gather and not scsi generics). This mapping involves bouncing\n via the swiotlb (we need swiotlb to do virtio in protected guest like\n s390 Secure Execution, or AMD SEV).\n4) When the SCSI TUR is done, we first copy back the content of the second\n (that is swiotlb) bounce buffer (which most likely contains some\n previous IO data), to the first bounce buffer, which contains all\n zeros. Then we copy back the content of the first bounce buffer to\n the user-space buffer.\n5) The test case detects that the buffer, which it zero-initialized,\n ain\u0027t all zeros and fails.\n\nOne can argue that this is an swiotlb problem, because without swiotlb\nwe leak all zeros, and the swiotlb should be transparent in a sense that\nit does not affect the outcome (if all other participants are well\nbehaved).\n\nCopying the content of the original buffer into the swiotlb buffer is\nthe only way I can think of to make swiotlb transparent in such\nscenarios. So let\u0027s do just that if in doubt, but allow the driver\nto tell us that the whole mapped buffer is going to be overwritten,\nin which case we can preserve the old behavior and avoid the performance\nimpact of the extra bounce.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48853",
"url": "https://www.suse.com/security/cve/CVE-2022-48853"
},
{
"category": "external",
"summary": "SUSE Bug 1228015 for CVE-2022-48853",
"url": "https://bugzilla.suse.com/1228015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48853"
},
{
"cve": "CVE-2024-26801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Avoid potential use-after-free in hci_error_reset\n\nWhile handling the HCI_EV_HARDWARE_ERROR event, if the underlying\nBT controller is not responding, the GPIO reset mechanism would\nfree the hci_dev and lead to a use-after-free in hci_error_reset.\n\nHere\u0027s the call trace observed on a ChromeOS device with Intel AX201:\n queue_work_on+0x3e/0x6c\n __hci_cmd_sync_sk+0x2ee/0x4c0 [bluetooth \u003cHASH:3b4a6\u003e]\n ? init_wait_entry+0x31/0x31\n __hci_cmd_sync+0x16/0x20 [bluetooth \u003cHASH:3b4a 6\u003e]\n hci_error_reset+0x4f/0xa4 [bluetooth \u003cHASH:3b4a 6\u003e]\n process_one_work+0x1d8/0x33f\n worker_thread+0x21b/0x373\n kthread+0x13a/0x152\n ? pr_cont_work+0x54/0x54\n ? kthread_blkcg+0x31/0x31\n ret_from_fork+0x1f/0x30\n\nThis patch holds the reference count on the hci_dev while processing\na HCI_EV_HARDWARE_ERROR event to avoid potential crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26801",
"url": "https://www.suse.com/security/cve/CVE-2024-26801"
},
{
"category": "external",
"summary": "SUSE Bug 1222413 for CVE-2024-26801",
"url": "https://bugzilla.suse.com/1222413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26801"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: af_bluetooth: Fix deadlock\n\nAttemting to do sock_lock on .recvmsg may cause a deadlock as shown\nbellow, so instead of using sock_sock this uses sk_receive_queue.lock\non bt_sock_ioctl to avoid the UAF:\n\nINFO: task kworker/u9:1:121 blocked for more than 30 seconds.\n Not tainted 6.7.6-lemon #183\nWorkqueue: hci0 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x37d/0xa00\n schedule+0x32/0xe0\n __lock_sock+0x68/0xa0\n ? __pfx_autoremove_wake_function+0x10/0x10\n lock_sock_nested+0x43/0x50\n l2cap_sock_recv_cb+0x21/0xa0\n l2cap_recv_frame+0x55b/0x30a0\n ? psi_task_switch+0xeb/0x270\n ? finish_task_switch.isra.0+0x93/0x2a0\n hci_rx_work+0x33a/0x3f0\n process_one_work+0x13a/0x2f0\n worker_thread+0x2f0/0x410\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe0/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2c/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26886",
"url": "https://www.suse.com/security/cve/CVE-2024-26886"
},
{
"category": "external",
"summary": "SUSE Bug 1223044 for CVE-2024-26886",
"url": "https://bugzilla.suse.com/1223044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26886"
},
{
"cve": "CVE-2024-27051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27051",
"url": "https://www.suse.com/security/cve/CVE-2024-27051"
},
{
"category": "external",
"summary": "SUSE Bug 1223769 for CVE-2024-27051",
"url": "https://bugzilla.suse.com/1223769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27051"
},
{
"cve": "CVE-2024-35937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: check A-MSDU format more carefully\n\nIf it looks like there\u0027s another subframe in the A-MSDU\nbut the header isn\u0027t fully there, we can end up reading\ndata out of bounds, only to discard later. Make this a\nbit more careful and check if the subframe header can\neven be present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35937",
"url": "https://www.suse.com/security/cve/CVE-2024-35937"
},
{
"category": "external",
"summary": "SUSE Bug 1224526 for CVE-2024-35937",
"url": "https://bugzilla.suse.com/1224526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-35937"
},
{
"cve": "CVE-2024-36886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix UAF in error path\n\nSam Page (sam4k) working with Trend Micro Zero Day Initiative reported\na UAF in the tipc_buf_append() error path:\n\nBUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0\nlinux/net/core/skbuff.c:1183\nRead of size 8 at addr ffff88804d2a7c80 by task poc/8034\n\nCPU: 1 PID: 8034 Comm: poc Not tainted 6.8.2 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.0-debian-1.16.0-5 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack linux/lib/dump_stack.c:88\n dump_stack_lvl+0xd9/0x1b0 linux/lib/dump_stack.c:106\n print_address_description linux/mm/kasan/report.c:377\n print_report+0xc4/0x620 linux/mm/kasan/report.c:488\n kasan_report+0xda/0x110 linux/mm/kasan/report.c:601\n kfree_skb_list_reason+0x47e/0x4c0 linux/net/core/skbuff.c:1183\n skb_release_data+0x5af/0x880 linux/net/core/skbuff.c:1026\n skb_release_all linux/net/core/skbuff.c:1094\n __kfree_skb linux/net/core/skbuff.c:1108\n kfree_skb_reason+0x12d/0x210 linux/net/core/skbuff.c:1144\n kfree_skb linux/./include/linux/skbuff.h:1244\n tipc_buf_append+0x425/0xb50 linux/net/tipc/msg.c:186\n tipc_link_input+0x224/0x7c0 linux/net/tipc/link.c:1324\n tipc_link_rcv+0x76e/0x2d70 linux/net/tipc/link.c:1824\n tipc_rcv+0x45f/0x10f0 linux/net/tipc/node.c:2159\n tipc_udp_recv+0x73b/0x8f0 linux/net/tipc/udp_media.c:390\n udp_queue_rcv_one_skb+0xad2/0x1850 linux/net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x131/0xb00 linux/net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x165/0x3b0 linux/net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x2594/0x3400 linux/net/ipv4/udp.c:2422\n ip_protocol_deliver_rcu+0x30c/0x4e0 linux/net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2e4/0x520 linux/net/ipv4/ip_input.c:233\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_local_deliver+0x18e/0x1f0 linux/net/ipv4/ip_input.c:254\n dst_input linux/./include/net/dst.h:461\n ip_rcv_finish linux/net/ipv4/ip_input.c:449\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_rcv+0x2c5/0x5d0 linux/net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core+0x199/0x1e0 linux/net/core/dev.c:5534\n __netif_receive_skb+0x1f/0x1c0 linux/net/core/dev.c:5648\n process_backlog+0x101/0x6b0 linux/net/core/dev.c:5976\n __napi_poll.constprop.0+0xba/0x550 linux/net/core/dev.c:6576\n napi_poll linux/net/core/dev.c:6645\n net_rx_action+0x95a/0xe90 linux/net/core/dev.c:6781\n __do_softirq+0x21f/0x8e7 linux/kernel/softirq.c:553\n do_softirq linux/kernel/softirq.c:454\n do_softirq+0xb2/0xf0 linux/kernel/softirq.c:441\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x100/0x120 linux/kernel/softirq.c:381\n local_bh_enable linux/./include/linux/bottom_half.h:33\n rcu_read_unlock_bh linux/./include/linux/rcupdate.h:851\n __dev_queue_xmit+0x871/0x3ee0 linux/net/core/dev.c:4378\n dev_queue_xmit linux/./include/linux/netdevice.h:3169\n neigh_hh_output linux/./include/net/neighbour.h:526\n neigh_output linux/./include/net/neighbour.h:540\n ip_finish_output2+0x169f/0x2550 linux/net/ipv4/ip_output.c:235\n __ip_finish_output linux/net/ipv4/ip_output.c:313\n __ip_finish_output+0x49e/0x950 linux/net/ipv4/ip_output.c:295\n ip_finish_output+0x31/0x310 linux/net/ipv4/ip_output.c:323\n NF_HOOK_COND linux/./include/linux/netfilter.h:303\n ip_output+0x13b/0x2a0 linux/net/ipv4/ip_output.c:433\n dst_output linux/./include/net/dst.h:451\n ip_local_out linux/net/ipv4/ip_output.c:129\n ip_send_skb+0x3e5/0x560 linux/net/ipv4/ip_output.c:1492\n udp_send_skb+0x73f/0x1530 linux/net/ipv4/udp.c:963\n udp_sendmsg+0x1a36/0x2b40 linux/net/ipv4/udp.c:1250\n inet_sendmsg+0x105/0x140 linux/net/ipv4/af_inet.c:850\n sock_sendmsg_nosec linux/net/socket.c:730\n __sock_sendmsg linux/net/socket.c:745\n __sys_sendto+0x42c/0x4e0 linux/net/socket.c:2191\n __do_sys_sendto linux/net/socket.c:2203\n __se_sys_sendto linux/net/socket.c:2199\n __x64_sys_sendto+0xe0/0x1c0 linux/net/socket.c:2199\n do_syscall_x64 linux/arch/x86/entry/common.c:52\n do_syscall_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36886",
"url": "https://www.suse.com/security/cve/CVE-2024-36886"
},
{
"category": "external",
"summary": "SUSE Bug 1225730 for CVE-2024-36886",
"url": "https://bugzilla.suse.com/1225730"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-36886",
"url": "https://bugzilla.suse.com/1225742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-36886"
},
{
"cve": "CVE-2024-36905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets\n\nTCP_SYN_RECV state is really special, it is only used by\ncross-syn connections, mostly used by fuzzers.\n\nIn the following crash [1], syzbot managed to trigger a divide\nby zero in tcp_rcv_space_adjust()\n\nA socket makes the following state transitions,\nwithout ever calling tcp_init_transfer(),\nmeaning tcp_init_buffer_space() is also not called.\n\n TCP_CLOSE\nconnect()\n TCP_SYN_SENT\n TCP_SYN_RECV\nshutdown() -\u003e tcp_shutdown(sk, SEND_SHUTDOWN)\n TCP_FIN_WAIT1\n\nTo fix this issue, change tcp_shutdown() to not\nperform a TCP_SYN_RECV -\u003e TCP_FIN_WAIT1 transition,\nwhich makes no sense anyway.\n\nWhen tcp_rcv_state_process() later changes socket state\nfrom TCP_SYN_RECV to TCP_ESTABLISH, then look at\nsk-\u003esk_shutdown to finally enter TCP_FIN_WAIT1 state,\nand send a FIN packet from a sane socket state.\n\nThis means tcp_send_fin() can now be called from BH\ncontext, and must use GFP_ATOMIC allocations.\n\n[1]\ndivide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 1 PID: 5084 Comm: syz-executor358 Not tainted 6.9.0-rc6-syzkaller-00022-g98369dccd2f8 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:tcp_rcv_space_adjust+0x2df/0x890 net/ipv4/tcp_input.c:767\nCode: e3 04 4c 01 eb 48 8b 44 24 38 0f b6 04 10 84 c0 49 89 d5 0f 85 a5 03 00 00 41 8b 8e c8 09 00 00 89 e8 29 c8 48 0f af c3 31 d2 \u003c48\u003e f7 f1 48 8d 1c 43 49 8d 96 76 08 00 00 48 89 d0 48 c1 e8 03 48\nRSP: 0018:ffffc900031ef3f0 EFLAGS: 00010246\nRAX: 0c677a10441f8f42 RBX: 000000004fb95e7e RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000027d4b11f R08: ffffffff89e535a4 R09: 1ffffffff25e6ab7\nR10: dffffc0000000000 R11: ffffffff8135e920 R12: ffff88802a9f8d30\nR13: dffffc0000000000 R14: ffff88802a9f8d00 R15: 1ffff1100553f2da\nFS: 00005555775c0380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1155bf2304 CR3: 000000002b9f2000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcp_recvmsg_locked+0x106d/0x25a0 net/ipv4/tcp.c:2513\n tcp_recvmsg+0x25d/0x920 net/ipv4/tcp.c:2578\n inet6_recvmsg+0x16a/0x730 net/ipv6/af_inet6.c:680\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2803\n ___sys_recvmsg net/socket.c:2845 [inline]\n do_recvmmsg+0x474/0xae0 net/socket.c:2939\n __sys_recvmmsg net/socket.c:3018 [inline]\n __do_sys_recvmmsg net/socket.c:3041 [inline]\n __se_sys_recvmmsg net/socket.c:3034 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3034\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7faeb6363db9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcc1997168 EFLAGS: 00000246 ORIG_RAX: 000000000000012b\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faeb6363db9\nRDX: 0000000000000001 RSI: 0000000020000bc0 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000001c\nR10: 0000000000000122 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36905",
"url": "https://www.suse.com/security/cve/CVE-2024-36905"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-36905",
"url": "https://bugzilla.suse.com/1225742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-36905"
},
{
"cve": "CVE-2024-36954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36954",
"url": "https://www.suse.com/security/cve/CVE-2024-36954"
},
{
"category": "external",
"summary": "SUSE Bug 1225764 for CVE-2024-36954",
"url": "https://bugzilla.suse.com/1225764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-36954"
},
{
"cve": "CVE-2024-42098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ecdh - explicitly zeroize private_key\n\nprivate_key is overwritten with the key parameter passed in by the\ncaller (if present), or alternatively a newly generated private key.\nHowever, it is possible that the caller provides a key (or the newly\ngenerated key) which is shorter than the previous key. In that\nscenario, some key material from the previous key would not be\noverwritten. The easiest solution is to explicitly zeroize the entire\nprivate_key array first.\n\nNote that this patch slightly changes the behavior of this function:\npreviously, if the ecc_gen_privkey failed, the old private_key would\nremain. Now, the private_key is always zeroized. This behavior is\nconsistent with the case where params.key is set and ecc_is_key_valid\nfails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42098",
"url": "https://www.suse.com/security/cve/CVE-2024-42098"
},
{
"category": "external",
"summary": "SUSE Bug 1228779 for CVE-2024-42098",
"url": "https://bugzilla.suse.com/1228779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-42098"
},
{
"cve": "CVE-2024-42131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid overflows in dirty throttling logic\n\nThe dirty throttling logic is interspersed with assumptions that dirty\nlimits in PAGE_SIZE units fit into 32-bit (so that various multiplications\nfit into 64-bits). If limits end up being larger, we will hit overflows,\npossible divisions by 0 etc. Fix these problems by never allowing so\nlarge dirty limits as they have dubious practical value anyway. For\ndirty_bytes / dirty_background_bytes interfaces we can just refuse to set\nso large limits. For dirty_ratio / dirty_background_ratio it isn\u0027t so\nsimple as the dirty limit is computed from the amount of available memory\nwhich can change due to memory hotplug etc. So when converting dirty\nlimits from ratios to numbers of pages, we just don\u0027t allow the result to\nexceed UINT_MAX.\n\nThis is root-only triggerable problem which occurs when the operator\nsets dirty limits to \u003e16 TB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42131",
"url": "https://www.suse.com/security/cve/CVE-2024-42131"
},
{
"category": "external",
"summary": "SUSE Bug 1228650 for CVE-2024-42131",
"url": "https://bugzilla.suse.com/1228650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-42131"
},
{
"cve": "CVE-2024-42229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: aead,cipher - zeroize key buffer after use\n\nI.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding\ncryptographic information should be zeroized once they are no longer\nneeded. Accomplish this by using kfree_sensitive for buffers that\npreviously held the private key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42229",
"url": "https://www.suse.com/security/cve/CVE-2024-42229"
},
{
"category": "external",
"summary": "SUSE Bug 1228708 for CVE-2024-42229",
"url": "https://bugzilla.suse.com/1228708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-42229"
},
{
"cve": "CVE-2024-44995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n |\n \u25bc\n ......\nsetup tc |\n | \u25bc\n \u25bc DOWN: napi_disable()\nnapi_disable()(skip) |\n | |\n \u25bc \u25bc\n ...... ......\n | |\n \u25bc |\nnapi_enable() |\n \u25bc\n UINIT: netif_napi_del()\n |\n \u25bc\n ......\n |\n \u25bc\n INIT: netif_napi_add()\n |\n \u25bc\n ...... global reset start\n | |\n \u25bc \u25bc\n UP: napi_enable()(skip) ......\n | |\n \u25bc \u25bc\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44995",
"url": "https://www.suse.com/security/cve/CVE-2024-44995"
},
{
"category": "external",
"summary": "SUSE Bug 1230231 for CVE-2024-44995",
"url": "https://bugzilla.suse.com/1230231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-44995"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-46771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Remove proc entry when dev is unregistered.\n\nsyzkaller reported a warning in bcm_connect() below. [0]\n\nThe repro calls connect() to vxcan1, removes vxcan1, and calls\nconnect() with ifindex == 0.\n\nCalling connect() for a BCM socket allocates a proc entry.\nThen, bcm_sk(sk)-\u003ebound is set to 1 to prevent further connect().\n\nHowever, removing the bound device resets bcm_sk(sk)-\u003ebound to 0\nin bcm_notify().\n\nThe 2nd connect() tries to allocate a proc entry with the same\nname and sets NULL to bcm_sk(sk)-\u003ebcm_proc_read, leaking the\noriginal proc entry.\n\nSince the proc entry is available only for connect()ed sockets,\nlet\u0027s clean up the entry when the bound netdev is unregistered.\n\n[0]:\nproc_dir_entry \u0027can-bcm/2456\u0027 already registered\nWARNING: CPU: 1 PID: 394 at fs/proc/generic.c:376 proc_register+0x645/0x8f0 fs/proc/generic.c:375\nModules linked in:\nCPU: 1 PID: 394 Comm: syz-executor403 Not tainted 6.10.0-rc7-g852e42cc2dd4\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:proc_register+0x645/0x8f0 fs/proc/generic.c:375\nCode: 00 00 00 00 00 48 85 ed 0f 85 97 02 00 00 4d 85 f6 0f 85 9f 02 00 00 48 c7 c7 9b cb cf 87 48 89 de 4c 89 fa e8 1c 6f eb fe 90 \u003c0f\u003e 0b 90 90 48 c7 c7 98 37 99 89 e8 cb 7e 22 05 bb 00 00 00 10 48\nRSP: 0018:ffa0000000cd7c30 EFLAGS: 00010246\nRAX: 9e129be1950f0200 RBX: ff1100011b51582c RCX: ff1100011857cd80\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002\nRBP: 0000000000000000 R08: ffd400000000000f R09: ff1100013e78cac0\nR10: ffac800000cd7980 R11: ff1100013e12b1f0 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ff1100011a99a2ec\nFS: 00007fbd7086f740(0000) GS:ff1100013fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200071c0 CR3: 0000000118556004 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n proc_create_net_single+0x144/0x210 fs/proc/proc_net.c:220\n bcm_connect+0x472/0x840 net/can/bcm.c:1673\n __sys_connect_file net/socket.c:2049 [inline]\n __sys_connect+0x5d2/0x690 net/socket.c:2066\n __do_sys_connect net/socket.c:2076 [inline]\n __se_sys_connect net/socket.c:2073 [inline]\n __x64_sys_connect+0x8f/0x100 net/socket.c:2073\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1c0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7fbd708b0e5d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48\nRSP: 002b:00007fff8cd33f08 EFLAGS: 00000246 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbd708b0e5d\nRDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000040\nR10: 0000000000000040 R11: 0000000000000246 R12: 00007fff8cd34098\nR13: 0000000000401280 R14: 0000000000406de8 R15: 00007fbd70ab9000\n \u003c/TASK\u003e\nremove_proc_entry: removing non-empty directory \u0027net/can-bcm\u0027, leaking at least \u00272456\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46771",
"url": "https://www.suse.com/security/cve/CVE-2024-46771"
},
{
"category": "external",
"summary": "SUSE Bug 1230766 for CVE-2024-46771",
"url": "https://bugzilla.suse.com/1230766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-46771"
},
{
"cve": "CVE-2024-46777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Avoid excessive partition lengths\n\nAvoid mounting filesystems where the partition would overflow the\n32-bits used for block number. Also refuse to mount filesystems where\nthe partition length is so large we cannot safely index bits in a\nblock bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46777",
"url": "https://www.suse.com/security/cve/CVE-2024-46777"
},
{
"category": "external",
"summary": "SUSE Bug 1230773 for CVE-2024-46777",
"url": "https://bugzilla.suse.com/1230773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-46777"
},
{
"cve": "CVE-2024-46800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch/netem: fix use after free in netem_dequeue\n\nIf netem_dequeue() enqueues packet to inner qdisc and that qdisc\nreturns __NET_XMIT_STOLEN. The packet is dropped but\nqdisc_tree_reduce_backlog() is not called to update the parent\u0027s\nq.qlen, leading to the similar use-after-free as Commit\ne04991a48dbaf382 (\"netem: fix return value if duplicate enqueue\nfails\")\n\nCommands to trigger KASAN UaF:\n\nip link add type dummy\nip link set lo up\nip link set dummy0 up\ntc qdisc add dev lo parent root handle 1: drr\ntc filter add dev lo parent 1: basic classid 1:1\ntc class add dev lo classid 1:1 drr\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2: handle 3: drr\ntc filter add dev lo parent 3: basic classid 3:1 action mirred egress\nredirect dev dummy0\ntc class add dev lo classid 3:1 drr\nping -c1 -W0.01 localhost # Trigger bug\ntc class del dev lo classid 1:1\ntc class add dev lo classid 1:1 drr\nping -c1 -W0.01 localhost # UaF",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46800",
"url": "https://www.suse.com/security/cve/CVE-2024-46800"
},
{
"category": "external",
"summary": "SUSE Bug 1230827 for CVE-2024-46800",
"url": "https://bugzilla.suse.com/1230827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-46800"
},
{
"cve": "CVE-2024-47660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: clear PARENT_WATCHED flags lazily\n\nIn some setups directories can have many (usually negative) dentries.\nHence __fsnotify_update_child_dentry_flags() function can take a\nsignificant amount of time. Since the bulk of this function happens\nunder inode-\u003ei_lock this causes a significant contention on the lock\nwhen we remove the watch from the directory as the\n__fsnotify_update_child_dentry_flags() call from fsnotify_recalc_mask()\nraces with __fsnotify_update_child_dentry_flags() calls from\n__fsnotify_parent() happening on children. This can lead upto softlockup\nreports reported by users.\n\nFix the problem by calling fsnotify_update_children_dentry_flags() to\nset PARENT_WATCHED flags only when parent starts watching children.\n\nWhen parent stops watching children, clear false positive PARENT_WATCHED\nflags lazily in __fsnotify_parent() for each accessed child.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47660",
"url": "https://www.suse.com/security/cve/CVE-2024-47660"
},
{
"category": "external",
"summary": "SUSE Bug 1231439 for CVE-2024-47660",
"url": "https://bugzilla.suse.com/1231439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "low"
}
],
"title": "CVE-2024-47660"
},
{
"cve": "CVE-2024-47679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: fix race between evice_inodes() and find_inode()\u0026iput()\n\nHi, all\n\nRecently I noticed a bug[1] in btrfs, after digged it into\nand I believe it\u0027a race in vfs.\n\nLet\u0027s assume there\u0027s a inode (ie ino 261) with i_count 1 is\ncalled by iput(), and there\u0027s a concurrent thread calling\ngeneric_shutdown_super().\n\ncpu0: cpu1:\niput() // i_count is 1\n -\u003espin_lock(inode)\n -\u003edec i_count to 0\n -\u003eiput_final() generic_shutdown_super()\n -\u003e__inode_add_lru() -\u003eevict_inodes()\n // cause some reason[2] -\u003eif (atomic_read(inode-\u003ei_count)) continue;\n // return before // inode 261 passed the above check\n // list_lru_add_obj() // and then schedule out\n -\u003espin_unlock()\n// note here: the inode 261\n// was still at sb list and hash list,\n// and I_FREEING|I_WILL_FREE was not been set\n\nbtrfs_iget()\n // after some function calls\n -\u003efind_inode()\n // found the above inode 261\n -\u003espin_lock(inode)\n // check I_FREEING|I_WILL_FREE\n // and passed\n -\u003e__iget()\n -\u003espin_unlock(inode) // schedule back\n -\u003espin_lock(inode)\n // check (I_NEW|I_FREEING|I_WILL_FREE) flags,\n // passed and set I_FREEING\niput() -\u003espin_unlock(inode)\n -\u003espin_lock(inode)\t\t\t -\u003eevict()\n // dec i_count to 0\n -\u003eiput_final()\n -\u003espin_unlock()\n -\u003eevict()\n\nNow, we have two threads simultaneously evicting\nthe same inode, which may trigger the BUG(inode-\u003ei_state \u0026 I_CLEAR)\nstatement both within clear_inode() and iput().\n\nTo fix the bug, recheck the inode-\u003ei_count after holding i_lock.\nBecause in the most scenarios, the first check is valid, and\nthe overhead of spin_lock() can be reduced.\n\nIf there is any misunderstanding, please let me know, thanks.\n\n[1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/\n[2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable()\nreturn false when I reproduced the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47679",
"url": "https://www.suse.com/security/cve/CVE-2024-47679"
},
{
"category": "external",
"summary": "SUSE Bug 1231930 for CVE-2024-47679",
"url": "https://bugzilla.suse.com/1231930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-47679"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-49858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefistub/tpm: Use ACPI reclaim memory for event log to avoid corruption\n\nThe TPM event log table is a Linux specific construct, where the data\nproduced by the GetEventLog() boot service is cached in memory, and\npassed on to the OS using an EFI configuration table.\n\nThe use of EFI_LOADER_DATA here results in the region being left\nunreserved in the E820 memory map constructed by the EFI stub, and this\nis the memory description that is passed on to the incoming kernel by\nkexec, which is therefore unaware that the region should be reserved.\n\nEven though the utility of the TPM2 event log after a kexec is\nquestionable, any corruption might send the parsing code off into the\nweeds and crash the kernel. So let\u0027s use EFI_ACPI_RECLAIM_MEMORY\ninstead, which is always treated as reserved by the E820 conversion\nlogic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49858",
"url": "https://www.suse.com/security/cve/CVE-2024-49858"
},
{
"category": "external",
"summary": "SUSE Bug 1232251 for CVE-2024-49858",
"url": "https://bugzilla.suse.com/1232251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49858"
},
{
"cve": "CVE-2024-49868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix a NULL pointer dereference when failed to start a new trasacntion\n\n[BUG]\nSyzbot reported a NULL pointer dereference with the following crash:\n\n FAULT_INJECTION: forcing a failure.\n start_transaction+0x830/0x1670 fs/btrfs/transaction.c:676\n prepare_to_relocate+0x31f/0x4c0 fs/btrfs/relocation.c:3642\n relocate_block_group+0x169/0xd20 fs/btrfs/relocation.c:3678\n ...\n BTRFS info (device loop0): balance: ended with status: -12\n Oops: general protection fault, probably for non-canonical address 0xdffffc00000000cc: 0000 [#1] PREEMPT SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000660-0x0000000000000667]\n RIP: 0010:btrfs_update_reloc_root+0x362/0xa80 fs/btrfs/relocation.c:926\n Call Trace:\n \u003cTASK\u003e\n commit_fs_roots+0x2ee/0x720 fs/btrfs/transaction.c:1496\n btrfs_commit_transaction+0xfaf/0x3740 fs/btrfs/transaction.c:2430\n del_balance_item fs/btrfs/volumes.c:3678 [inline]\n reset_balance_state+0x25e/0x3c0 fs/btrfs/volumes.c:3742\n btrfs_balance+0xead/0x10c0 fs/btrfs/volumes.c:4574\n btrfs_ioctl_balance+0x493/0x7c0 fs/btrfs/ioctl.c:3673\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[CAUSE]\nThe allocation failure happens at the start_transaction() inside\nprepare_to_relocate(), and during the error handling we call\nunset_reloc_control(), which makes fs_info-\u003ebalance_ctl to be NULL.\n\nThen we continue the error path cleanup in btrfs_balance() by calling\nreset_balance_state() which will call del_balance_item() to fully delete\nthe balance item in the root tree.\n\nHowever during the small window between set_reloc_contrl() and\nunset_reloc_control(), we can have a subvolume tree update and created a\nreloc_root for that subvolume.\n\nThen we go into the final btrfs_commit_transaction() of\ndel_balance_item(), and into btrfs_update_reloc_root() inside\ncommit_fs_roots().\n\nThat function checks if fs_info-\u003ereloc_ctl is in the merge_reloc_tree\nstage, but since fs_info-\u003ereloc_ctl is NULL, it results a NULL pointer\ndereference.\n\n[FIX]\nJust add extra check on fs_info-\u003ereloc_ctl inside\nbtrfs_update_reloc_root(), before checking\nfs_info-\u003ereloc_ctl-\u003emerge_reloc_tree.\n\nThat DEAD_RELOC_TREE handling is to prevent further modification to the\nreloc tree during merge stage, but since there is no reloc_ctl at all,\nwe do not need to bother that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49868",
"url": "https://www.suse.com/security/cve/CVE-2024-49868"
},
{
"category": "external",
"summary": "SUSE Bug 1232272 for CVE-2024-49868",
"url": "https://bugzilla.suse.com/1232272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49868"
},
{
"cve": "CVE-2024-49884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path-\u003ep_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49884",
"url": "https://www.suse.com/security/cve/CVE-2024-49884"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232198 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1232198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49884"
},
{
"cve": "CVE-2024-49921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before used\n\n[WHAT \u0026 HOW]\nPoniters, such as dc-\u003eclk_mgr, are null checked previously in the same\nfunction, so Coverity warns \"implies that \"dc-\u003eclk_mgr\" might be null\".\nAs a result, these pointers need to be checked when used again.\n\nThis fixes 10 FORWARD_NULL issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49921",
"url": "https://www.suse.com/security/cve/CVE-2024-49921"
},
{
"category": "external",
"summary": "SUSE Bug 1232371 for CVE-2024-49921",
"url": "https://bugzilla.suse.com/1232371"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49921"
},
{
"cve": "CVE-2024-49925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: efifb: Register sysfs groups through driver core\n\nThe driver core can register and cleanup sysfs groups already.\nMake use of that functionality to simplify the error handling and\ncleanup.\n\nAlso avoid a UAF race during unregistering where the sysctl attributes\nwere usable after the info struct was freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49925",
"url": "https://www.suse.com/security/cve/CVE-2024-49925"
},
{
"category": "external",
"summary": "SUSE Bug 1232224 for CVE-2024-49925",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "external",
"summary": "SUSE Bug 1232225 for CVE-2024-49925",
"url": "https://bugzilla.suse.com/1232225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49925"
},
{
"cve": "CVE-2024-49938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\n\nSyzbot points out that skb_trim() has a sanity check on the existing length of\nthe skb, which can be uninitialised in some error paths. The intent here is\nclearly just to reset the length to zero before resubmitting, so switch to\ncalling __skb_set_length(skb, 0) directly. In addition, __skb_set_length()\nalready contains a call to skb_reset_tail_pointer(), so remove the redundant\ncall.\n\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there\u0027s a similar\nusage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we\u0027re at it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49938",
"url": "https://www.suse.com/security/cve/CVE-2024-49938"
},
{
"category": "external",
"summary": "SUSE Bug 1232552 for CVE-2024-49938",
"url": "https://bugzilla.suse.com/1232552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49938"
},
{
"cve": "CVE-2024-49945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ncsi: Disable the ncsi work before freeing the associated structure\n\nThe work function can run after the ncsi device is freed, resulting\nin use-after-free bugs or kernel panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49945",
"url": "https://www.suse.com/security/cve/CVE-2024-49945"
},
{
"category": "external",
"summary": "SUSE Bug 1232165 for CVE-2024-49945",
"url": "https://bugzilla.suse.com/1232165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49945"
},
{
"cve": "CVE-2024-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49950",
"url": "https://www.suse.com/security/cve/CVE-2024-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232159 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1232159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49950"
},
{
"cve": "CVE-2024-49952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: prevent nf_skb_duplicated corruption\n\nsyzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write\nper-cpu variable nf_skb_duplicated in an unsafe way [1].\n\nDisabling preemption as hinted by the splat is not enough,\nwe have to disable soft interrupts as well.\n\n[1]\nBUG: using __this_cpu_write() in preemptible [00000000] code: syz.4.282/6316\n caller is nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\nCPU: 0 UID: 0 PID: 6316 Comm: syz.4.282 Not tainted 6.11.0-rc7-syzkaller-00104-g7052622fccb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n check_preemption_disabled+0x10e/0x120 lib/smp_processor_id.c:49\n nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\n nft_dup_ipv4_eval+0x1db/0x300 net/ipv4/netfilter/nft_dup_ipv4.c:30\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x202/0x320 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook+0x2c4/0x450 include/linux/netfilter.h:269\n NF_HOOK_COND include/linux/netfilter.h:302 [inline]\n ip_output+0x185/0x230 net/ipv4/ip_output.c:433\n ip_local_out net/ipv4/ip_output.c:129 [inline]\n ip_send_skb+0x74/0x100 net/ipv4/ip_output.c:1495\n udp_send_skb+0xacf/0x1650 net/ipv4/udp.c:981\n udp_sendmsg+0x1c21/0x2a60 net/ipv4/udp.c:1269\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n ___sys_sendmsg net/socket.c:2651 [inline]\n __sys_sendmmsg+0x3b2/0x740 net/socket.c:2737\n __do_sys_sendmmsg net/socket.c:2766 [inline]\n __se_sys_sendmmsg net/socket.c:2763 [inline]\n __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2763\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f4ce4f7def9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f4ce5d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133\nRAX: ffffffffffffffda RBX: 00007f4ce5135f80 RCX: 00007f4ce4f7def9\nRDX: 0000000000000001 RSI: 0000000020005d40 RDI: 0000000000000006\nRBP: 00007f4ce4ff0b76 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f4ce5135f80 R15: 00007ffd4cbc6d68\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49952",
"url": "https://www.suse.com/security/cve/CVE-2024-49952"
},
{
"category": "external",
"summary": "SUSE Bug 1232157 for CVE-2024-49952",
"url": "https://bugzilla.suse.com/1232157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49952"
},
{
"cve": "CVE-2024-50044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change\n\nrfcomm_sk_state_change attempts to use sock_lock so it must never be\ncalled with it locked but rfcomm_sock_ioctl always attempt to lock it\ncausing the following trace:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted\n------------------------------------------------------\nsyz-executor386/5093 is trying to acquire lock:\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1671 [inline]\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73\n\nbut task is already holding lock:\nffff88807badfd28 (\u0026d-\u003elock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50044",
"url": "https://www.suse.com/security/cve/CVE-2024-50044"
},
{
"category": "external",
"summary": "SUSE Bug 1231904 for CVE-2024-50044",
"url": "https://bugzilla.suse.com/1231904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50044"
},
{
"cve": "CVE-2024-50055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: bus: Fix double free in driver API bus_register()\n\nFor bus_register(), any error which happens after kset_register() will\ncause that @priv are freed twice, fixed by setting @priv with NULL after\nthe first free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50055",
"url": "https://www.suse.com/security/cve/CVE-2024-50055"
},
{
"category": "external",
"summary": "SUSE Bug 1232329 for CVE-2024-50055",
"url": "https://bugzilla.suse.com/1232329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50055"
},
{
"cve": "CVE-2024-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \u003cTASK\u003e\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50073",
"url": "https://www.suse.com/security/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232520 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1232520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50073"
},
{
"cve": "CVE-2024-50074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nparport: Proper fix for array out-of-bounds access\n\nThe recent fix for array out-of-bounds accesses replaced sprintf()\ncalls blindly with snprintf(). However, since snprintf() returns the\nwould-be-printed size, not the actually output size, the length\ncalculation can still go over the given limit.\n\nUse scnprintf() instead of snprintf(), which returns the actually\noutput letters, for addressing the potential out-of-bounds access\nproperly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50074",
"url": "https://www.suse.com/security/cve/CVE-2024-50074"
},
{
"category": "external",
"summary": "SUSE Bug 1232507 for CVE-2024-50074",
"url": "https://bugzilla.suse.com/1232507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50074"
},
{
"cve": "CVE-2024-50095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mad: Improve handling of timed out WRs of mad agent\n\nCurrent timeout handler of mad agent acquires/releases mad_agent_priv\nlock for every timed out WRs. This causes heavy locking contention\nwhen higher no. of WRs are to be handled inside timeout handler.\n\nThis leads to softlockup with below trace in some use cases where\nrdma-cm path is used to establish connection between peer nodes\n\nTrace:\n-----\n BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767]\n CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE\n ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1\n Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019\n Workqueue: ib_mad1 timeout_sends [ib_core]\n RIP: 0010:__do_softirq+0x78/0x2ac\n RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246\n RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f\n RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b\n RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000\n R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040\n FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __irq_exit_rcu+0xa1/0xc0\n ? watchdog_timer_fn+0x1b2/0x210\n ? __pfx_watchdog_timer_fn+0x10/0x10\n ? __hrtimer_run_queues+0x127/0x2c0\n ? hrtimer_interrupt+0xfc/0x210\n ? __sysvec_apic_timer_interrupt+0x5c/0x110\n ? sysvec_apic_timer_interrupt+0x37/0x90\n ? asm_sysvec_apic_timer_interrupt+0x16/0x20\n ? __do_softirq+0x78/0x2ac\n ? __do_softirq+0x60/0x2ac\n __irq_exit_rcu+0xa1/0xc0\n sysvec_call_function_single+0x72/0x90\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_call_function_single+0x16/0x20\n RIP: 0010:_raw_spin_unlock_irq+0x14/0x30\n RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247\n RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800\n RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c\n RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000\n R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538\n R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c\n cm_process_send_error+0x122/0x1d0 [ib_cm]\n timeout_sends+0x1dd/0x270 [ib_core]\n process_one_work+0x1e2/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n worker_thread+0x50/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \u003c/TASK\u003e\n\nSimplified timeout handler by creating local list of timed out WRs\nand invoke send handler post creating the list. The new method acquires/\nreleases lock once to fetch the list and hence helps to reduce locking\ncontetiong when processing higher no. of WRs",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50095",
"url": "https://www.suse.com/security/cve/CVE-2024-50095"
},
{
"category": "external",
"summary": "SUSE Bug 1232873 for CVE-2024-50095",
"url": "https://bugzilla.suse.com/1232873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50095"
},
{
"cve": "CVE-2024-50099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Remove broken LDR (literal) uprobe support\n\nThe simulate_ldr_literal() and simulate_ldrsw_literal() functions are\nunsafe to use for uprobes. Both functions were originally written for\nuse with kprobes, and access memory with plain C accesses. When uprobes\nwas added, these were reused unmodified even though they cannot safely\naccess user memory.\n\nThere are three key problems:\n\n1) The plain C accesses do not have corresponding extable entries, and\n thus if they encounter a fault the kernel will treat these as\n unintentional accesses to user memory, resulting in a BUG() which\n will kill the kernel thread, and likely lead to further issues (e.g.\n lockup or panic()).\n\n2) The plain C accesses are subject to HW PAN and SW PAN, and so when\n either is in use, any attempt to simulate an access to user memory\n will fault. Thus neither simulate_ldr_literal() nor\n simulate_ldrsw_literal() can do anything useful when simulating a\n user instruction on any system with HW PAN or SW PAN.\n\n3) The plain C accesses are privileged, as they run in kernel context,\n and in practice can access a small range of kernel virtual addresses.\n The instructions they simulate have a range of +/-1MiB, and since the\n simulated instructions must itself be a user instructions in the\n TTBR0 address range, these can address the final 1MiB of the TTBR1\n acddress range by wrapping downwards from an address in the first\n 1MiB of the TTBR0 address range.\n\n In contemporary kernels the last 8MiB of TTBR1 address range is\n reserved, and accesses to this will always fault, meaning this is no\n worse than (1).\n\n Historically, it was theoretically possible for the linear map or\n vmemmap to spill into the final 8MiB of the TTBR1 address range, but\n in practice this is extremely unlikely to occur as this would\n require either:\n\n * Having enough physical memory to fill the entire linear map all the\n way to the final 1MiB of the TTBR1 address range.\n\n * Getting unlucky with KASLR randomization of the linear map such\n that the populated region happens to overlap with the last 1MiB of\n the TTBR address range.\n\n ... and in either case if we were to spill into the final page there\n would be larger problems as the final page would alias with error\n pointers.\n\nPractically speaking, (1) and (2) are the big issues. Given there have\nbeen no reports of problems since the broken code was introduced, it\nappears that no-one is relying on probing these instructions with\nuprobes.\n\nAvoid these issues by not allowing uprobes on LDR (literal) and LDRSW\n(literal), limiting the use of simulate_ldr_literal() and\nsimulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR\n(literal) and LDRSW (literal) will be rejected as\narm_probe_decode_insn() will return INSN_REJECTED. In future we can\nconsider introducing working uprobes support for these instructions, but\nthis will require more significant work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50099",
"url": "https://www.suse.com/security/cve/CVE-2024-50099"
},
{
"category": "external",
"summary": "SUSE Bug 1232887 for CVE-2024-50099",
"url": "https://bugzilla.suse.com/1232887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50099"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Guard against bad data for ATIF ACPI method\n\nIf a BIOS provides bad data in response to an ATIF method call\nthis causes a NULL pointer dereference in the caller.\n\n```\n? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1))\n? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434)\n? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2))\n? do_user_addr_fault (arch/x86/mm/fault.c:440 (discriminator 1) arch/x86/mm/fault.c:1232 (discriminator 1))\n? acpi_ut_update_object_reference (drivers/acpi/acpica/utdelete.c:642)\n? exc_page_fault (arch/x86/mm/fault.c:1542)\n? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623)\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:387 (discriminator 2)) amdgpu\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:386 (discriminator 1)) amdgpu\n```\n\nIt has been encountered on at least one system, so guard for it.\n\n(cherry picked from commit c9b7c809b89f24e9372a4e7f02d64c950b07fdee)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50117",
"url": "https://www.suse.com/security/cve/CVE-2024-50117"
},
{
"category": "external",
"summary": "SUSE Bug 1232897 for CVE-2024-50117",
"url": "https://bugzilla.suse.com/1232897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50117"
},
{
"cve": "CVE-2024-50125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn-\u003esk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn-\u003esk is still valid by checking if it part of\nsco_sk_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50125",
"url": "https://www.suse.com/security/cve/CVE-2024-50125"
},
{
"category": "external",
"summary": "SUSE Bug 1232928 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "external",
"summary": "SUSE Bug 1232929 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50125"
},
{
"cve": "CVE-2024-50135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-pci: fix race condition between reset and nvme_dev_disable()\n\nnvme_dev_disable() modifies the dev-\u003eonline_queues field, therefore\nnvme_pci_update_nr_queues() should avoid racing against it, otherwise\nwe could end up passing invalid values to blk_mq_update_nr_hw_queues().\n\n WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347\n pci_irq_get_affinity+0x187/0x210\n Workqueue: nvme-reset-wq nvme_reset_work [nvme]\n RIP: 0010:pci_irq_get_affinity+0x187/0x210\n Call Trace:\n \u003cTASK\u003e\n ? blk_mq_pci_map_queues+0x87/0x3c0\n ? pci_irq_get_affinity+0x187/0x210\n blk_mq_pci_map_queues+0x87/0x3c0\n nvme_pci_map_queues+0x189/0x460 [nvme]\n blk_mq_update_nr_hw_queues+0x2a/0x40\n nvme_reset_work+0x1be/0x2a0 [nvme]\n\nFix the bug by locking the shutdown_lock mutex before using\ndev-\u003eonline_queues. Give up if nvme_dev_disable() is running or if\nit has been executed already.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50135",
"url": "https://www.suse.com/security/cve/CVE-2024-50135"
},
{
"category": "external",
"summary": "SUSE Bug 1232888 for CVE-2024-50135",
"url": "https://bugzilla.suse.com/1232888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50135"
},
{
"cve": "CVE-2024-50148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: fix wild-memory-access in proto_unregister\n\nThere\u0027s issue as follows:\n KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\n CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W\n RIP: 0010:proto_unregister+0xee/0x400\n Call Trace:\n \u003cTASK\u003e\n __do_sys_delete_module+0x318/0x580\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAs bnep_init() ignore bnep_sock_init()\u0027s return value, and bnep_sock_init()\nwill cleanup all resource. Then when remove bnep module will call\nbnep_sock_cleanup() to cleanup sock\u0027s resource.\nTo solve above issue just return bnep_sock_init()\u0027s return value in\nbnep_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50148",
"url": "https://www.suse.com/security/cve/CVE-2024-50148"
},
{
"category": "external",
"summary": "SUSE Bug 1233063 for CVE-2024-50148",
"url": "https://bugzilla.suse.com/1233063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50148"
},
{
"cve": "CVE-2024-50150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmode should keep reference to parent\n\nThe altmode device release refers to its parent device, but without keeping\na reference to it.\n\nWhen registering the altmode, get a reference to the parent and put it in\nthe release function.\n\nBefore this fix, when using CONFIG_DEBUG_KOBJECT_RELEASE, we see issues\nlike this:\n\n[ 43.572860] kobject: \u0027port0.0\u0027 (ffff8880057ba008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.573532] kobject: \u0027port0.1\u0027 (ffff8880057bd008): kobject_release, parent 0000000000000000 (delayed 1000)\n[ 43.574407] kobject: \u0027port0\u0027 (ffff8880057b9008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.575059] kobject: \u0027port1.0\u0027 (ffff8880057ca008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.575908] kobject: \u0027port1.1\u0027 (ffff8880057c9008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.576908] kobject: \u0027typec\u0027 (ffff8880062dbc00): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.577769] kobject: \u0027port1\u0027 (ffff8880057bf008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 46.612867] ==================================================================\n[ 46.613402] BUG: KASAN: slab-use-after-free in typec_altmode_release+0x38/0x129\n[ 46.614003] Read of size 8 at addr ffff8880057b9118 by task kworker/2:1/48\n[ 46.614538]\n[ 46.614668] CPU: 2 UID: 0 PID: 48 Comm: kworker/2:1 Not tainted 6.12.0-rc1-00138-gedbae730ad31 #535\n[ 46.615391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 46.616042] Workqueue: events kobject_delayed_cleanup\n[ 46.616446] Call Trace:\n[ 46.616648] \u003cTASK\u003e\n[ 46.616820] dump_stack_lvl+0x5b/0x7c\n[ 46.617112] ? typec_altmode_release+0x38/0x129\n[ 46.617470] print_report+0x14c/0x49e\n[ 46.617769] ? rcu_read_unlock_sched+0x56/0x69\n[ 46.618117] ? __virt_addr_valid+0x19a/0x1ab\n[ 46.618456] ? kmem_cache_debug_flags+0xc/0x1d\n[ 46.618807] ? typec_altmode_release+0x38/0x129\n[ 46.619161] kasan_report+0x8d/0xb4\n[ 46.619447] ? typec_altmode_release+0x38/0x129\n[ 46.619809] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620185] typec_altmode_release+0x38/0x129\n[ 46.620537] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620907] device_release+0xaf/0xf2\n[ 46.621206] kobject_delayed_cleanup+0x13b/0x17a\n[ 46.621584] process_scheduled_works+0x4f6/0x85f\n[ 46.621955] ? __pfx_process_scheduled_works+0x10/0x10\n[ 46.622353] ? hlock_class+0x31/0x9a\n[ 46.622647] ? lock_acquired+0x361/0x3c3\n[ 46.622956] ? move_linked_works+0x46/0x7d\n[ 46.623277] worker_thread+0x1ce/0x291\n[ 46.623582] ? __kthread_parkme+0xc8/0xdf\n[ 46.623900] ? __pfx_worker_thread+0x10/0x10\n[ 46.624236] kthread+0x17e/0x190\n[ 46.624501] ? kthread+0xfb/0x190\n[ 46.624756] ? __pfx_kthread+0x10/0x10\n[ 46.625015] ret_from_fork+0x20/0x40\n[ 46.625268] ? __pfx_kthread+0x10/0x10\n[ 46.625532] ret_from_fork_asm+0x1a/0x30\n[ 46.625805] \u003c/TASK\u003e\n[ 46.625953]\n[ 46.626056] Allocated by task 678:\n[ 46.626287] kasan_save_stack+0x24/0x44\n[ 46.626555] kasan_save_track+0x14/0x2d\n[ 46.626811] __kasan_kmalloc+0x3f/0x4d\n[ 46.627049] __kmalloc_noprof+0x1bf/0x1f0\n[ 46.627362] typec_register_port+0x23/0x491\n[ 46.627698] cros_typec_probe+0x634/0xbb6\n[ 46.628026] platform_probe+0x47/0x8c\n[ 46.628311] really_probe+0x20a/0x47d\n[ 46.628605] device_driver_attach+0x39/0x72\n[ 46.628940] bind_store+0x87/0xd7\n[ 46.629213] kernfs_fop_write_iter+0x1aa/0x218\n[ 46.629574] vfs_write+0x1d6/0x29b\n[ 46.629856] ksys_write+0xcd/0x13b\n[ 46.630128] do_syscall_64+0xd4/0x139\n[ 46.630420] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 46.630820]\n[ 46.630946] Freed by task 48:\n[ 46.631182] kasan_save_stack+0x24/0x44\n[ 46.631493] kasan_save_track+0x14/0x2d\n[ 46.631799] kasan_save_free_info+0x3f/0x4d\n[ 46.632144] __kasan_slab_free+0x37/0x45\n[ 46.632474]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50150",
"url": "https://www.suse.com/security/cve/CVE-2024-50150"
},
{
"category": "external",
"summary": "SUSE Bug 1233051 for CVE-2024-50150",
"url": "https://bugzilla.suse.com/1233051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50150"
},
{
"cve": "CVE-2024-50154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/dccp: Don\u0027t use timer_pending() in reqsk_queue_unlink().\n\nMartin KaFai Lau reported use-after-free [0] in reqsk_timer_handler().\n\n \"\"\"\n We are seeing a use-after-free from a bpf prog attached to\n trace_tcp_retransmit_synack. The program passes the req-\u003esk to the\n bpf_sk_storage_get_tracing kernel helper which does check for null\n before using it.\n \"\"\"\n\nThe commit 83fccfc3940c (\"inet: fix potential deadlock in\nreqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not\nto call del_timer_sync() from reqsk_timer_handler(), but it introduced a\nsmall race window.\n\nBefore the timer is called, expire_timers() calls detach_timer(timer, true)\nto clear timer-\u003eentry.pprev and marks it as not pending.\n\nIf reqsk_queue_unlink() checks timer_pending() just after expire_timers()\ncalls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will\ncontinue running and send multiple SYN+ACKs until it expires.\n\nThe reported UAF could happen if req-\u003esk is close()d earlier than the timer\nexpiration, which is 63s by default.\n\nThe scenario would be\n\n 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(),\n but del_timer_sync() is missed\n\n 2. reqsk timer is executed and scheduled again\n\n 3. req-\u003esk is accept()ed and reqsk_put() decrements rsk_refcnt, but\n reqsk timer still has another one, and inet_csk_accept() does not\n clear req-\u003esk for non-TFO sockets\n\n 4. sk is close()d\n\n 5. reqsk timer is executed again, and BPF touches req-\u003esk\n\nLet\u0027s not use timer_pending() by passing the caller context to\n__inet_csk_reqsk_queue_drop().\n\nNote that reqsk timer is pinned, so the issue does not happen in most\nuse cases. [1]\n\n[0]\nBUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0\n\nUse-after-free read at 0x00000000a891fb3a (in kfence-#1):\nbpf_sk_storage_get_tracing+0x2e/0x1b0\nbpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda\nbpf_trace_run2+0x4c/0xc0\ntcp_rtx_synack+0xf9/0x100\nreqsk_timer_handler+0xda/0x3d0\nrun_timer_softirq+0x292/0x8a0\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\nintel_idle_irq+0x5a/0xa0\ncpuidle_enter_state+0x94/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nkfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6\n\nallocated by task 0 on cpu 9 at 260507.901592s:\nsk_prot_alloc+0x35/0x140\nsk_clone_lock+0x1f/0x3f0\ninet_csk_clone_lock+0x15/0x160\ntcp_create_openreq_child+0x1f/0x410\ntcp_v6_syn_recv_sock+0x1da/0x700\ntcp_check_req+0x1fb/0x510\ntcp_v6_rcv+0x98b/0x1420\nipv6_list_rcv+0x2258/0x26e0\nnapi_complete_done+0x5b1/0x2990\nmlx5e_napi_poll+0x2ae/0x8d0\nnet_rx_action+0x13e/0x590\nirq_exit_rcu+0xf5/0x320\ncommon_interrupt+0x80/0x90\nasm_common_interrupt+0x22/0x40\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nfreed by task 0 on cpu 9 at 260507.927527s:\nrcu_core_si+0x4ff/0xf10\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50154",
"url": "https://www.suse.com/security/cve/CVE-2024-50154"
},
{
"category": "external",
"summary": "SUSE Bug 1233070 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "external",
"summary": "SUSE Bug 1233072 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50154"
},
{
"cve": "CVE-2024-50167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50167"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: fix potential memory leak in be_xmit()\n\nThe be_xmit() returns NETDEV_TX_OK without freeing skb\nin case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50167",
"url": "https://www.suse.com/security/cve/CVE-2024-50167"
},
{
"category": "external",
"summary": "SUSE Bug 1233049 for CVE-2024-50167",
"url": "https://bugzilla.suse.com/1233049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50167"
},
{
"cve": "CVE-2024-50171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: fix potential memory leak in bcm_sysport_xmit()\n\nThe bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb\nin case of dma_map_single() fails, add dev_kfree_skb() to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50171",
"url": "https://www.suse.com/security/cve/CVE-2024-50171"
},
{
"category": "external",
"summary": "SUSE Bug 1233057 for CVE-2024-50171",
"url": "https://bugzilla.suse.com/1233057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50171"
},
{
"cve": "CVE-2024-50179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: remove the incorrect Fw reference check when dirtying pages\n\nWhen doing the direct-io reads it will also try to mark pages dirty,\nbut for the read path it won\u0027t hold the Fw caps and there is case\nwill it get the Fw reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50179",
"url": "https://www.suse.com/security/cve/CVE-2024-50179"
},
{
"category": "external",
"summary": "SUSE Bug 1233123 for CVE-2024-50179",
"url": "https://bugzilla.suse.com/1233123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50179"
},
{
"cve": "CVE-2024-50183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance\n\nDeleting an NPIV instance requires all fabric ndlps to be released before\nan NPIV\u0027s resources can be torn down. Failure to release fabric ndlps\nbeforehand opens kref imbalance race conditions. Fix by forcing the DA_ID\nto complete synchronously with usage of wait_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50183",
"url": "https://www.suse.com/security/cve/CVE-2024-50183"
},
{
"category": "external",
"summary": "SUSE Bug 1233130 for CVE-2024-50183",
"url": "https://bugzilla.suse.com/1233130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50183"
},
{
"cve": "CVE-2024-50187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: Stop the active perfmon before being destroyed\n\nUpon closing the file descriptor, the active performance monitor is not\nstopped. Although all perfmons are destroyed in `vc4_perfmon_close_file()`,\nthe active performance monitor\u0027s pointer (`vc4-\u003eactive_perfmon`) is still\nretained.\n\nIf we open a new file descriptor and submit a few jobs with performance\nmonitors, the driver will attempt to stop the active performance monitor\nusing the stale pointer in `vc4-\u003eactive_perfmon`. However, this pointer\nis no longer valid because the previous process has already terminated,\nand all performance monitors associated with it have been destroyed and\nfreed.\n\nTo fix this, when the active performance monitor belongs to a given\nprocess, explicitly stop it before destroying and freeing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50187",
"url": "https://www.suse.com/security/cve/CVE-2024-50187"
},
{
"category": "external",
"summary": "SUSE Bug 1233108 for CVE-2024-50187",
"url": "https://bugzilla.suse.com/1233108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50187"
},
{
"cve": "CVE-2024-50194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50194"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Fix uprobes for big-endian kernels\n\nThe arm64 uprobes code is broken for big-endian kernels as it doesn\u0027t\nconvert the in-memory instruction encoding (which is always\nlittle-endian) into the kernel\u0027s native endianness before analyzing and\nsimulating instructions. This may result in a few distinct problems:\n\n* The kernel may may erroneously reject probing an instruction which can\n safely be probed.\n\n* The kernel may erroneously erroneously permit stepping an\n instruction out-of-line when that instruction cannot be stepped\n out-of-line safely.\n\n* The kernel may erroneously simulate instruction incorrectly dur to\n interpretting the byte-swapped encoding.\n\nThe endianness mismatch isn\u0027t caught by the compiler or sparse because:\n\n* The arch_uprobe::{insn,ixol} fields are encoded as arrays of u8, so\n the compiler and sparse have no idea these contain a little-endian\n 32-bit value. The core uprobes code populates these with a memcpy()\n which similarly does not handle endianness.\n\n* While the uprobe_opcode_t type is an alias for __le32, both\n arch_uprobe_analyze_insn() and arch_uprobe_skip_sstep() cast from u8[]\n to the similarly-named probe_opcode_t, which is an alias for u32.\n Hence there is no endianness conversion warning.\n\nFix this by changing the arch_uprobe::{insn,ixol} fields to __le32 and\nadding the appropriate __le32_to_cpu() conversions prior to consuming\nthe instruction encoding. The core uprobes copies these fields as opaque\nranges of bytes, and so is unaffected by this change.\n\nAt the same time, remove MAX_UINSN_BYTES and consistently use\nAARCH64_INSN_SIZE for clarity.\n\nTested with the following:\n\n| #include \u003cstdio.h\u003e\n| #include \u003cstdbool.h\u003e\n|\n| #define noinline __attribute__((noinline))\n|\n| static noinline void *adrp_self(void)\n| {\n| void *addr;\n|\n| asm volatile(\n| \" adrp %x0, adrp_self\\n\"\n| \" add %x0, %x0, :lo12:adrp_self\\n\"\n| : \"=r\" (addr));\n| }\n|\n|\n| int main(int argc, char *argv)\n| {\n| void *ptr = adrp_self();\n| bool equal = (ptr == adrp_self);\n|\n| printf(\"adrp_self =\u003e %p\\n\"\n| \"adrp_self() =\u003e %p\\n\"\n| \"%s\\n\",\n| adrp_self, ptr, equal ? \"EQUAL\" : \"NOT EQUAL\");\n|\n| return 0;\n| }\n\n.... where the adrp_self() function was compiled to:\n\n| 00000000004007e0 \u003cadrp_self\u003e:\n| 4007e0: 90000000 adrp x0, 400000 \u003c__ehdr_start\u003e\n| 4007e4: 911f8000 add x0, x0, #0x7e0\n| 4007e8: d65f03c0 ret\n\nBefore this patch, the ADRP is not recognized, and is assumed to be\nsteppable, resulting in corruption of the result:\n\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL\n| # echo \u0027p /root/adrp-self:0x007e0\u0027 \u003e /sys/kernel/tracing/uprobe_events\n| # echo 1 \u003e /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0xffffffffff7e0\n| NOT EQUAL\n\nAfter this patch, the ADRP is correctly recognized and simulated:\n\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL\n| #\n| # echo \u0027p /root/adrp-self:0x007e0\u0027 \u003e /sys/kernel/tracing/uprobe_events\n| # echo 1 \u003e /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50194",
"url": "https://www.suse.com/security/cve/CVE-2024-50194"
},
{
"category": "external",
"summary": "SUSE Bug 1233111 for CVE-2024-50194",
"url": "https://bugzilla.suse.com/1233111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50194"
},
{
"cve": "CVE-2024-50195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50195"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: Fix missing timespec64 check in pc_clock_settime()\n\nAs Andrew pointed out, it will make sense that the PTP core\nchecked timespec64 struct\u0027s tv_sec and tv_nsec range before calling\nptp-\u003einfo-\u003esettime64().\n\nAs the man manual of clock_settime() said, if tp.tv_sec is negative or\ntp.tv_nsec is outside the range [0..999,999,999], it should return EINVAL,\nwhich include dynamic clocks which handles PTP clock, and the condition is\nconsistent with timespec64_valid(). As Thomas suggested, timespec64_valid()\nonly check the timespec is valid, but not ensure that the time is\nin a valid range, so check it ahead using timespec64_valid_strict()\nin pc_clock_settime() and return -EINVAL if not valid.\n\nThere are some drivers that use tp-\u003etv_sec and tp-\u003etv_nsec directly to\nwrite registers without validity checks and assume that the higher layer\nhas checked it, which is dangerous and will benefit from this, such as\nhclge_ptp_settime(), igb_ptp_settime_i210(), _rcar_gen4_ptp_settime(),\nand some drivers can remove the checks of itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50195",
"url": "https://www.suse.com/security/cve/CVE-2024-50195"
},
{
"category": "external",
"summary": "SUSE Bug 1233103 for CVE-2024-50195",
"url": "https://bugzilla.suse.com/1233103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50195"
},
{
"cve": "CVE-2024-50210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50210"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\n\nIf get_clock_desc() succeeds, it calls fget() for the clockid\u0027s fd,\nand get the clk-\u003erwsem read lock, so the error path should release\nthe lock to make the lock balance and fput the clockid\u0027s fd to make\nthe refcount balance and release the fd related resource.\n\nHowever the below commit left the error path locked behind resulting in\nunbalanced locking. Check timespec64_valid_strict() before\nget_clock_desc() to fix it, because the \"ts\" is not changed\nafter that.\n\n[pabeni@redhat.com: fixed commit message typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50210",
"url": "https://www.suse.com/security/cve/CVE-2024-50210"
},
{
"category": "external",
"summary": "SUSE Bug 1233097 for CVE-2024-50210",
"url": "https://bugzilla.suse.com/1233097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50210"
},
{
"cve": "CVE-2024-50218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50218"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: pass u64 to ocfs2_truncate_inline maybe overflow\n\nSyzbot reported a kernel BUG in ocfs2_truncate_inline. There are two\nreasons for this: first, the parameter value passed is greater than\nocfs2_max_inline_data_with_xattr, second, the start and end parameters of\nocfs2_truncate_inline are \"unsigned int\".\n\nSo, we need to add a sanity check for byte_start and byte_len right before\nocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater\nthan ocfs2_max_inline_data_with_xattr return -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50218",
"url": "https://www.suse.com/security/cve/CVE-2024-50218"
},
{
"category": "external",
"summary": "SUSE Bug 1233191 for CVE-2024-50218",
"url": "https://bugzilla.suse.com/1233191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50218"
},
{
"cve": "CVE-2024-50234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlegacy: Clear stale interrupts before resuming device\n\niwl4965 fails upon resume from hibernation on my laptop. The reason\nseems to be a stale interrupt which isn\u0027t being cleared out before\ninterrupts are enabled. We end up with a race beween the resume\ntrying to bring things back up, and the restart work (queued form\nthe interrupt handler) trying to bring things down. Eventually\nthe whole thing blows up.\n\nFix the problem by clearing out any stale interrupts before\ninterrupts get enabled during resume.\n\nHere\u0027s a debug log of the indicent:\n[ 12.042589] ieee80211 phy0: il_isr ISR inta 0x00000080, enabled 0xaa00008b, fh 0x00000000\n[ 12.042625] ieee80211 phy0: il4965_irq_tasklet inta 0x00000080, enabled 0x00000000, fh 0x00000000\n[ 12.042651] iwl4965 0000:10:00.0: RF_KILL bit toggled to enable radio.\n[ 12.042653] iwl4965 0000:10:00.0: On demand firmware reload\n[ 12.042690] ieee80211 phy0: il4965_irq_tasklet End inta 0x00000000, enabled 0xaa00008b, fh 0x00000000, flags 0x00000282\n[ 12.052207] ieee80211 phy0: il4965_mac_start enter\n[ 12.052212] ieee80211 phy0: il_prep_station Add STA to driver ID 31: ff:ff:ff:ff:ff:ff\n[ 12.052244] ieee80211 phy0: il4965_set_hw_ready hardware ready\n[ 12.052324] ieee80211 phy0: il_apm_init Init card\u0027s basic functions\n[ 12.052348] ieee80211 phy0: il_apm_init L1 Enabled; Disabling L0S\n[ 12.055727] ieee80211 phy0: il4965_load_bsm Begin load bsm\n[ 12.056140] ieee80211 phy0: il4965_verify_bsm Begin verify bsm\n[ 12.058642] ieee80211 phy0: il4965_verify_bsm BSM bootstrap uCode image OK\n[ 12.058721] ieee80211 phy0: il4965_load_bsm BSM write complete, poll 1 iterations\n[ 12.058734] ieee80211 phy0: __il4965_up iwl4965 is coming up\n[ 12.058737] ieee80211 phy0: il4965_mac_start Start UP work done.\n[ 12.058757] ieee80211 phy0: __il4965_down iwl4965 is going down\n[ 12.058761] ieee80211 phy0: il_scan_cancel_timeout Scan cancel timeout\n[ 12.058762] ieee80211 phy0: il_do_scan_abort Not performing scan to abort\n[ 12.058765] ieee80211 phy0: il_clear_ucode_stations Clearing ucode stations in driver\n[ 12.058767] ieee80211 phy0: il_clear_ucode_stations No active stations found to be cleared\n[ 12.058819] ieee80211 phy0: _il_apm_stop Stop card, put in low power state\n[ 12.058827] ieee80211 phy0: _il_apm_stop_master stop master\n[ 12.058864] ieee80211 phy0: il4965_clear_free_frames 0 frames on pre-allocated heap on clear.\n[ 12.058869] ieee80211 phy0: Hardware restart was requested\n[ 16.132299] iwl4965 0000:10:00.0: START_ALIVE timeout after 4000ms.\n[ 16.132303] ------------[ cut here ]------------\n[ 16.132304] Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue.\n[ 16.132338] WARNING: CPU: 0 PID: 181 at net/mac80211/util.c:1826 ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132390] Modules linked in: ctr ccm sch_fq_codel xt_tcpudp xt_multiport xt_state iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv4 ip_tables x_tables binfmt_misc joydev mousedev btusb btrtl btintel btbcm bluetooth ecdh_generic ecc iTCO_wdt i2c_dev iwl4965 iwlegacy coretemp snd_hda_codec_analog pcspkr psmouse mac80211 snd_hda_codec_generic libarc4 sdhci_pci cqhci sha256_generic sdhci libsha256 firewire_ohci snd_hda_intel snd_intel_dspcfg mmc_core snd_hda_codec snd_hwdep firewire_core led_class iosf_mbi snd_hda_core uhci_hcd lpc_ich crc_itu_t cfg80211 ehci_pci ehci_hcd snd_pcm usbcore mfd_core rfkill snd_timer snd usb_common soundcore video parport_pc parport intel_agp wmi intel_gtt backlight e1000e agpgart evdev\n[ 16.132456] CPU: 0 UID: 0 PID: 181 Comm: kworker/u8:6 Not tainted 6.11.0-cl+ #143\n[ 16.132460] Hardware name: Hewlett-Packard HP Compaq 6910p/30BE, BIOS 68MCU Ver. F.19 07/06/2010\n[ 16.132463] Workqueue: async async_run_entry_fn\n[ 16.132469] RIP: 0010:ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132501] Code: da 02 00 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50234",
"url": "https://www.suse.com/security/cve/CVE-2024-50234"
},
{
"category": "external",
"summary": "SUSE Bug 1233211 for CVE-2024-50234",
"url": "https://bugzilla.suse.com/1233211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50234"
},
{
"cve": "CVE-2024-50236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50236"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: Fix memory leak in management tx\n\nIn the current logic, memory is allocated for storing the MSDU context\nduring management packet TX but this memory is not being freed during\nmanagement TX completion. Similar leaks are seen in the management TX\ncleanup logic.\n\nKmemleak reports this problem as below,\n\nunreferenced object 0xffffff80b64ed250 (size 16):\n comm \"kworker/u16:7\", pid 148, jiffies 4294687130 (age 714.199s)\n hex dump (first 16 bytes):\n 00 2b d8 d8 80 ff ff ff c4 74 e9 fd 07 00 00 00 .+.......t......\n backtrace:\n [\u003cffffffe6e7b245dc\u003e] __kmem_cache_alloc_node+0x1e4/0x2d8\n [\u003cffffffe6e7adde88\u003e] kmalloc_trace+0x48/0x110\n [\u003cffffffe6bbd765fc\u003e] ath10k_wmi_tlv_op_gen_mgmt_tx_send+0xd4/0x1d8 [ath10k_core]\n [\u003cffffffe6bbd3eed4\u003e] ath10k_mgmt_over_wmi_tx_work+0x134/0x298 [ath10k_core]\n [\u003cffffffe6e78d5974\u003e] process_scheduled_works+0x1ac/0x400\n [\u003cffffffe6e78d60b8\u003e] worker_thread+0x208/0x328\n [\u003cffffffe6e78dc890\u003e] kthread+0x100/0x1c0\n [\u003cffffffe6e78166c0\u003e] ret_from_fork+0x10/0x20\n\nFree the memory during completion and cleanup to fix the leak.\n\nProtect the mgmt_pending_tx idr_remove() operation in\nath10k_wmi_tlv_op_cleanup_mgmt_tx_send() using ar-\u003edata_lock similar to\nother instances.\n\nTested-on: WCN3990 hw1.0 SNOC WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50236",
"url": "https://www.suse.com/security/cve/CVE-2024-50236"
},
{
"category": "external",
"summary": "SUSE Bug 1233212 for CVE-2024-50236",
"url": "https://bugzilla.suse.com/1233212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50236"
},
{
"cve": "CVE-2024-50237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: do not pass a stopped vif to the driver in .get_txpower\n\nAvoid potentially crashing in the driver because of uninitialized private data",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50237",
"url": "https://www.suse.com/security/cve/CVE-2024-50237"
},
{
"category": "external",
"summary": "SUSE Bug 1233216 for CVE-2024-50237",
"url": "https://bugzilla.suse.com/1233216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50237"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
},
{
"cve": "CVE-2024-50265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50265"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()\n\nSyzkaller is able to provoke null-ptr-dereference in ocfs2_xa_remove():\n\n[ 57.319872] (a.out,1161,7):ocfs2_xa_remove:2028 ERROR: status = -12\n[ 57.320420] (a.out,1161,7):ocfs2_xa_cleanup_value_truncate:1999 ERROR: Partial truncate while removing xattr overlay.upper. Leaking 1 clusters and removing the entry\n[ 57.321727] BUG: kernel NULL pointer dereference, address: 0000000000000004\n[...]\n[ 57.325727] RIP: 0010:ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[...]\n[ 57.331328] Call Trace:\n[ 57.331477] \u003cTASK\u003e\n[...]\n[ 57.333511] ? do_user_addr_fault+0x3e5/0x740\n[ 57.333778] ? exc_page_fault+0x70/0x170\n[ 57.334016] ? asm_exc_page_fault+0x2b/0x30\n[ 57.334263] ? __pfx_ocfs2_xa_block_wipe_namevalue+0x10/0x10\n[ 57.334596] ? ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[ 57.334913] ocfs2_xa_remove_entry+0x23/0xc0\n[ 57.335164] ocfs2_xa_set+0x704/0xcf0\n[ 57.335381] ? _raw_spin_unlock+0x1a/0x40\n[ 57.335620] ? ocfs2_inode_cache_unlock+0x16/0x20\n[ 57.335915] ? trace_preempt_on+0x1e/0x70\n[ 57.336153] ? start_this_handle+0x16c/0x500\n[ 57.336410] ? preempt_count_sub+0x50/0x80\n[ 57.336656] ? _raw_read_unlock+0x20/0x40\n[ 57.336906] ? start_this_handle+0x16c/0x500\n[ 57.337162] ocfs2_xattr_block_set+0xa6/0x1e0\n[ 57.337424] __ocfs2_xattr_set_handle+0x1fd/0x5d0\n[ 57.337706] ? ocfs2_start_trans+0x13d/0x290\n[ 57.337971] ocfs2_xattr_set+0xb13/0xfb0\n[ 57.338207] ? dput+0x46/0x1c0\n[ 57.338393] ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338665] ? ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338948] __vfs_removexattr+0x92/0xc0\n[ 57.339182] __vfs_removexattr_locked+0xd5/0x190\n[ 57.339456] ? preempt_count_sub+0x50/0x80\n[ 57.339705] vfs_removexattr+0x5f/0x100\n[...]\n\nReproducer uses faultinject facility to fail ocfs2_xa_remove() -\u003e\nocfs2_xa_value_truncate() with -ENOMEM.\n\nIn this case the comment mentions that we can return 0 if\nocfs2_xa_cleanup_value_truncate() is going to wipe the entry\nanyway. But the following \u0027rc\u0027 check is wrong and execution flow do\n\u0027ocfs2_xa_remove_entry(loc);\u0027 twice:\n* 1st: in ocfs2_xa_cleanup_value_truncate();\n* 2nd: returning back to ocfs2_xa_remove() instead of going to \u0027out\u0027.\n\nFix this by skipping the 2nd removal of the same entry and making\nsyzkaller repro happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50265",
"url": "https://www.suse.com/security/cve/CVE-2024-50265"
},
{
"category": "external",
"summary": "SUSE Bug 1233454 for CVE-2024-50265",
"url": "https://bugzilla.suse.com/1233454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50265"
},
{
"cve": "CVE-2024-50267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50267"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: io_edgeport: fix use after free in debug printk\n\nThe \"dev_dbg(\u0026urb-\u003edev-\u003edev, ...\" which happens after usb_free_urb(urb)\nis a use after free of the \"urb\" pointer. Store the \"dev\" pointer at the\nstart of the function to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50267",
"url": "https://www.suse.com/security/cve/CVE-2024-50267"
},
{
"category": "external",
"summary": "SUSE Bug 1233456 for CVE-2024-50267",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "external",
"summary": "SUSE Bug 1233711 for CVE-2024-50267",
"url": "https://bugzilla.suse.com/1233711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50267"
},
{
"cve": "CVE-2024-50273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reinitialize delayed ref list after deleting it from the list\n\nAt insert_delayed_ref() if we need to update the action of an existing\nref to BTRFS_DROP_DELAYED_REF, we delete the ref from its ref head\u0027s\nref_add_list using list_del(), which leaves the ref\u0027s add_list member\nnot reinitialized, as list_del() sets the next and prev members of the\nlist to LIST_POISON1 and LIST_POISON2, respectively.\n\nIf later we end up calling drop_delayed_ref() against the ref, which can\nhappen during merging or when destroying delayed refs due to a transaction\nabort, we can trigger a crash since at drop_delayed_ref() we call\nlist_empty() against the ref\u0027s add_list, which returns false since\nthe list was not reinitialized after the list_del() and as a consequence\nwe call list_del() again at drop_delayed_ref(). This results in an\ninvalid list access since the next and prev members are set to poison\npointers, resulting in a splat if CONFIG_LIST_HARDENED and\nCONFIG_DEBUG_LIST are set or invalid poison pointer dereferences\notherwise.\n\nSo fix this by deleting from the list with list_del_init() instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50273",
"url": "https://www.suse.com/security/cve/CVE-2024-50273"
},
{
"category": "external",
"summary": "SUSE Bug 1233462 for CVE-2024-50273",
"url": "https://bugzilla.suse.com/1233462"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50273"
},
{
"cve": "CVE-2024-50278",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50278"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix potential out-of-bounds access on the first resume\n\nOut-of-bounds access occurs if the fast device is expanded unexpectedly\nbefore the first-time resume of the cache table. This happens because\nexpanding the fast device requires reloading the cache table for\ncache_create to allocate new in-core data structures that fit the new\nsize, and the check in cache_preresume is not performed during the\nfirst resume, leading to the issue.\n\nReproduce steps:\n\n1. prepare component devices:\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\n\n2. load a cache table of 512 cache blocks, and deliberately expand the\n fast device before resuming the cache, making the in-core data\n structures inadequate.\n\ndmsetup create cache --notable\ndmsetup reload cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\ndmsetup reload cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\n3. suspend the cache to write out the in-core dirty bitset and hint\n array, leading to out-of-bounds access to the dirty bitset at offset\n 0x40:\n\ndmsetup suspend cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in is_dirty_callback+0x2b/0x80\n Read of size 8 at addr ffffc90000085040 by task dmsetup/90\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc90000085000, ffffc90000087000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc90000084f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000084f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n \u003effffc90000085000: 00 00 00 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc90000085080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000085100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by checking the size change on the first resume.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50278",
"url": "https://www.suse.com/security/cve/CVE-2024-50278"
},
{
"category": "external",
"summary": "SUSE Bug 1233467 for CVE-2024-50278",
"url": "https://bugzilla.suse.com/1233467"
},
{
"category": "external",
"summary": "SUSE Bug 1233709 for CVE-2024-50278",
"url": "https://bugzilla.suse.com/1233709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50278"
},
{
"cve": "CVE-2024-50279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix out-of-bounds access to the dirty bitset when resizing\n\ndm-cache checks the dirty bits of the cache blocks to be dropped when\nshrinking the fast device, but an index bug in bitset iteration causes\nout-of-bounds access.\n\nReproduce steps:\n\n1. create a cache device of 1024 cache blocks (128 bytes dirty bitset)\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. shrink the fast device to 512 cache blocks, triggering out-of-bounds\n access to the dirty bitset (offset 0x80)\n\ndmsetup suspend cache\ndmsetup reload cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in cache_preresume+0x269/0x7b0\n Read of size 8 at addr ffffc900000f3080 by task dmsetup/131\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc900000f3000, ffffc900000f5000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc900000f2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003effffc900000f3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc900000f3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by making the index post-incremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50279",
"url": "https://www.suse.com/security/cve/CVE-2024-50279"
},
{
"category": "external",
"summary": "SUSE Bug 1233468 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "external",
"summary": "SUSE Bug 1233708 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50279"
},
{
"cve": "CVE-2024-50289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50289"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: av7110: fix a spectre vulnerability\n\nAs warned by smatch:\n\tdrivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue \u0027av7110-\u003eci_slot\u0027 [w] (local cap)\n\nThere is a spectre-related vulnerability at the code. Fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50289",
"url": "https://www.suse.com/security/cve/CVE-2024-50289"
},
{
"category": "external",
"summary": "SUSE Bug 1233478 for CVE-2024-50289",
"url": "https://bugzilla.suse.com/1233478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50289"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when uninstalling driver\n\nWhen the driver is uninstalled and the VF is disabled concurrently, a\nkernel crash occurs. The reason is that the two actions call function\npci_disable_sriov(). The num_VFs is checked to determine whether to\nrelease the corresponding resources. During the second calling, num_VFs\nis not 0 and the resource release function is called. However, the\ncorresponding resource has been released during the first invoking.\nTherefore, the problem occurs:\n\n[15277.839633][T50670] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n...\n[15278.131557][T50670] Call trace:\n[15278.134686][T50670] klist_put+0x28/0x12c\n[15278.138682][T50670] klist_del+0x14/0x20\n[15278.142592][T50670] device_del+0xbc/0x3c0\n[15278.146676][T50670] pci_remove_bus_device+0x84/0x120\n[15278.151714][T50670] pci_stop_and_remove_bus_device+0x6c/0x80\n[15278.157447][T50670] pci_iov_remove_virtfn+0xb4/0x12c\n[15278.162485][T50670] sriov_disable+0x50/0x11c\n[15278.166829][T50670] pci_disable_sriov+0x24/0x30\n[15278.171433][T50670] hnae3_unregister_ae_algo_prepare+0x60/0x90 [hnae3]\n[15278.178039][T50670] hclge_exit+0x28/0xd0 [hclge]\n[15278.182730][T50670] __se_sys_delete_module.isra.0+0x164/0x230\n[15278.188550][T50670] __arm64_sys_delete_module+0x1c/0x30\n[15278.193848][T50670] invoke_syscall+0x50/0x11c\n[15278.198278][T50670] el0_svc_common.constprop.0+0x158/0x164\n[15278.203837][T50670] do_el0_svc+0x34/0xcc\n[15278.207834][T50670] el0_svc+0x20/0x30\n\nFor details, see the following figure.\n\n rmmod hclge disable VFs\n----------------------------------------------------\nhclge_exit() sriov_numvfs_store()\n ... device_lock()\n pci_disable_sriov() hns3_pci_sriov_configure()\n pci_disable_sriov()\n sriov_disable()\n sriov_disable() if !num_VFs :\n if !num_VFs : return;\n return; sriov_del_vfs()\n sriov_del_vfs() ...\n ... klist_put()\n klist_put() ...\n ... num_VFs = 0;\n num_VFs = 0; device_unlock();\n\nIn this patch, when driver is removing, we get the device_lock()\nto protect num_VFs, just like sriov_numvfs_store().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50296",
"url": "https://www.suse.com/security/cve/CVE-2024-50296"
},
{
"category": "external",
"summary": "SUSE Bug 1233485 for CVE-2024-50296",
"url": "https://bugzilla.suse.com/1233485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50296"
},
{
"cve": "CVE-2024-50301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsecurity/keys: fix slab-out-of-bounds in key_task_permission\n\nKASAN reports an out of bounds read:\nBUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36\nBUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]\nBUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410\nsecurity/keys/permission.c:54\nRead of size 4 at addr ffff88813c3ab618 by task stress-ng/4362\n\nCPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0x107/0x167 lib/dump_stack.c:123\n print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n __kuid_val include/linux/uidgid.h:36 [inline]\n uid_eq include/linux/uidgid.h:63 [inline]\n key_task_permission+0x394/0x410 security/keys/permission.c:54\n search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793\n\nThis issue was also reported by syzbot.\n\nIt can be reproduced by following these steps(more details [1]):\n1. Obtain more than 32 inputs that have similar hashes, which ends with the\n pattern \u00270xxxxxxxe6\u0027.\n2. Reboot and add the keys obtained in step 1.\n\nThe reproducer demonstrates how this issue happened:\n1. In the search_nested_keyrings function, when it iterates through the\n slots in a node(below tag ascend_to_node), if the slot pointer is meta\n and node-\u003eback_pointer != NULL(it means a root), it will proceed to\n descend_to_node. However, there is an exception. If node is the root,\n and one of the slots points to a shortcut, it will be treated as a\n keyring.\n2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.\n However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as\n ASSOC_ARRAY_PTR_SUBTYPE_MASK.\n3. When 32 keys with the similar hashes are added to the tree, the ROOT\n has keys with hashes that are not similar (e.g. slot 0) and it splits\n NODE A without using a shortcut. When NODE A is filled with keys that\n all hashes are xxe6, the keys are similar, NODE A will split with a\n shortcut. Finally, it forms the tree as shown below, where slot 6 points\n to a shortcut.\n\n NODE A\n +------\u003e+---+\n ROOT | | 0 | xxe6\n +---+ | +---+\n xxxx | 0 | shortcut : : xxe6\n +---+ | +---+\n xxe6 : : | | | xxe6\n +---+ | +---+\n | 6 |---+ : : xxe6\n +---+ +---+\n xxe6 : : | f | xxe6\n +---+ +---+\n xxe6 | f |\n +---+\n\n4. As mentioned above, If a slot(slot 6) of the root points to a shortcut,\n it may be mistakenly transferred to a key*, leading to a read\n out-of-bounds read.\n\nTo fix this issue, one should jump to descend_to_node if the ptr is a\nshortcut, regardless of whether the node is root or not.\n\n[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/\n\n[jarkko: tweaked the commit message a bit to have an appropriate closes\n tag.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50301",
"url": "https://www.suse.com/security/cve/CVE-2024-50301"
},
{
"category": "external",
"summary": "SUSE Bug 1233490 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "external",
"summary": "SUSE Bug 1233680 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50301"
},
{
"cve": "CVE-2024-50302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let\u0027s\nzero-initialize it during allocation to make sure that it can\u0027t be ever used\nto leak kernel memory via specially-crafted report.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50302",
"url": "https://www.suse.com/security/cve/CVE-2024-50302"
},
{
"category": "external",
"summary": "SUSE Bug 1233491 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "external",
"summary": "SUSE Bug 1233679 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50302"
},
{
"cve": "CVE-2024-53058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data\n\nIn case the non-paged data of a SKB carries protocol header and protocol\npayload to be transmitted on a certain platform that the DMA AXI address\nwidth is configured to 40-bit/48-bit, or the size of the non-paged data\nis bigger than TSO_MAX_BUFF_SIZE on a certain platform that the DMA AXI\naddress width is configured to 32-bit, then this SKB requires at least\ntwo DMA transmit descriptors to serve it.\n\nFor example, three descriptors are allocated to split one DMA buffer\nmapped from one piece of non-paged data:\n dma_desc[N + 0],\n dma_desc[N + 1],\n dma_desc[N + 2].\nThen three elements of tx_q-\u003etx_skbuff_dma[] will be allocated to hold\nextra information to be reused in stmmac_tx_clean():\n tx_q-\u003etx_skbuff_dma[N + 0],\n tx_q-\u003etx_skbuff_dma[N + 1],\n tx_q-\u003etx_skbuff_dma[N + 2].\nNow we focus on tx_q-\u003etx_skbuff_dma[entry].buf, which is the DMA buffer\naddress returned by DMA mapping call. stmmac_tx_clean() will try to\nunmap the DMA buffer _ONLY_IF_ tx_q-\u003etx_skbuff_dma[entry].buf\nis a valid buffer address.\n\nThe expected behavior that saves DMA buffer address of this non-paged\ndata to tx_q-\u003etx_skbuff_dma[entry].buf is:\n tx_q-\u003etx_skbuff_dma[N + 0].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 1].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 2].buf = dma_map_single();\nUnfortunately, the current code misbehaves like this:\n tx_q-\u003etx_skbuff_dma[N + 0].buf = dma_map_single();\n tx_q-\u003etx_skbuff_dma[N + 1].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 2].buf = NULL;\n\nOn the stmmac_tx_clean() side, when dma_desc[N + 0] is closed by the\nDMA engine, tx_q-\u003etx_skbuff_dma[N + 0].buf is a valid buffer address\nobviously, then the DMA buffer will be unmapped immediately.\nThere may be a rare case that the DMA engine does not finish the\npending dma_desc[N + 1], dma_desc[N + 2] yet. Now things will go\nhorribly wrong, DMA is going to access a unmapped/unreferenced memory\nregion, corrupted data will be transmited or iommu fault will be\ntriggered :(\n\nIn contrast, the for-loop that maps SKB fragments behaves perfectly\nas expected, and that is how the driver should do for both non-paged\ndata and paged frags actually.\n\nThis patch corrects DMA map/unmap sequences by fixing the array index\nfor tx_q-\u003etx_skbuff_dma[entry].buf when assigning DMA buffer address.\n\nTested and verified on DWXGMAC CORE 3.20a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53058",
"url": "https://www.suse.com/security/cve/CVE-2024-53058"
},
{
"category": "external",
"summary": "SUSE Bug 1233552 for CVE-2024-53058",
"url": "https://bugzilla.suse.com/1233552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53058"
},
{
"cve": "CVE-2024-53061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: s5p-jpeg: prevent buffer overflows\n\nThe current logic allows word to be less than 2. If this happens,\nthere will be buffer overflows, as reported by smatch. Add extra\nchecks to prevent it.\n\nWhile here, remove an unused word = 0 assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53061",
"url": "https://www.suse.com/security/cve/CVE-2024-53061"
},
{
"category": "external",
"summary": "SUSE Bug 1233555 for CVE-2024-53061",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "external",
"summary": "SUSE Bug 1233621 for CVE-2024-53061",
"url": "https://bugzilla.suse.com/1233621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-53061"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: Fix KMSAN warning in decode_getfattr_attrs()\n\nFix the following KMSAN warning:\n\nCPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B\nTainted: [B]=BAD_PAGE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n=====================================================\n=====================================================\nBUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90\n decode_getfattr_attrs+0x2d6d/0x2f90\n decode_getfattr_generic+0x806/0xb00\n nfs4_xdr_dec_getattr+0x1de/0x240\n rpcauth_unwrap_resp_decode+0xab/0x100\n rpcauth_unwrap_resp+0x95/0xc0\n call_decode+0x4ff/0xb50\n __rpc_execute+0x57b/0x19d0\n rpc_execute+0x368/0x5e0\n rpc_run_task+0xcfe/0xee0\n nfs4_proc_getattr+0x5b5/0x990\n __nfs_revalidate_inode+0x477/0xd00\n nfs_access_get_cached+0x1021/0x1cc0\n nfs_do_access+0x9f/0xae0\n nfs_permission+0x1e4/0x8c0\n inode_permission+0x356/0x6c0\n link_path_walk+0x958/0x1330\n path_lookupat+0xce/0x6b0\n filename_lookup+0x23e/0x770\n vfs_statx+0xe7/0x970\n vfs_fstatat+0x1f2/0x2c0\n __se_sys_newfstatat+0x67/0x880\n __x64_sys_newfstatat+0xbd/0x120\n x64_sys_call+0x1826/0x3cf0\n do_syscall_64+0xd0/0x1b0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe KMSAN warning is triggered in decode_getfattr_attrs(), when calling\ndecode_attr_mdsthreshold(). It appears that fattr-\u003emdsthreshold is not\ninitialized.\n\nFix the issue by initializing fattr-\u003emdsthreshold to NULL in\nnfs_fattr_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53066",
"url": "https://www.suse.com/security/cve/CVE-2024-53066"
},
{
"category": "external",
"summary": "SUSE Bug 1233560 for CVE-2024-53066",
"url": "https://bugzilla.suse.com/1233560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53066"
},
{
"cve": "CVE-2024-53085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Lock TPM chip in tpm_pm_suspend() first\n\nSetting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy\naccording, as this leaves window for tpm_hwrng_read() to be called while\nthe operation is in progress. The recent bug report gives also evidence of\nthis behaviour.\n\nAadress this by locking the TPM chip before checking any chip-\u003eflags both\nin tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED\ncheck inside tpm_get_random() so that it will be always checked only when\nthe lock is reserved.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53085",
"url": "https://www.suse.com/security/cve/CVE-2024-53085"
},
{
"category": "external",
"summary": "SUSE Bug 1233577 for CVE-2024-53085",
"url": "https://bugzilla.suse.com/1233577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53085"
},
{
"cve": "CVE-2024-53088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix race condition by adding filter\u0027s intermediate sync state\n\nFix a race condition in the i40e driver that leads to MAC/VLAN filters\nbecoming corrupted and leaking. Address the issue that occurs under\nheavy load when multiple threads are concurrently modifying MAC/VLAN\nfilters by setting mac and port VLAN.\n\n1. Thread T0 allocates a filter in i40e_add_filter() within\n i40e_ndo_set_vf_port_vlan().\n2. Thread T1 concurrently frees the filter in __i40e_del_filter() within\n i40e_ndo_set_vf_mac().\n3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which\n refers to the already freed filter memory, causing corruption.\n\nReproduction steps:\n1. Spawn multiple VFs.\n2. Apply a concurrent heavy load by running parallel operations to change\n MAC addresses on the VFs and change port VLANs on the host.\n3. Observe errors in dmesg:\n\"Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX,\n\tplease set promiscuous on manually for VF XX\".\n\nExact code for stable reproduction Intel can\u0027t open-source now.\n\nThe fix involves implementing a new intermediate filter state,\nI40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list.\nThese filters cannot be deleted from the hash list directly but\nmust be removed using the full process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53088",
"url": "https://www.suse.com/security/cve/CVE-2024-53088"
},
{
"category": "external",
"summary": "SUSE Bug 1233580 for CVE-2024-53088",
"url": "https://bugzilla.suse.com/1233580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53088"
},
{
"cve": "CVE-2024-53104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format\n\nThis can lead to out of bounds writes since frames of this type were not\ntaken into account when calculating the size of the frames buffer in\nuvc_parse_streaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53104",
"url": "https://www.suse.com/security/cve/CVE-2024-53104"
},
{
"category": "external",
"summary": "SUSE Bug 1234025 for CVE-2024-53104",
"url": "https://bugzilla.suse.com/1234025"
},
{
"category": "external",
"summary": "SUSE Bug 1236783 for CVE-2024-53104",
"url": "https://bugzilla.suse.com/1236783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-53104"
},
{
"cve": "CVE-2024-53114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client\n\nA number of Zen4 client SoCs advertise the ability to use virtualized\nVMLOAD/VMSAVE, but using these instructions is reported to be a cause\nof a random host reboot.\n\nThese instructions aren\u0027t intended to be advertised on Zen4 client\nso clear the capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53114",
"url": "https://www.suse.com/security/cve/CVE-2024-53114"
},
{
"category": "external",
"summary": "SUSE Bug 1234072 for CVE-2024-53114",
"url": "https://bugzilla.suse.com/1234072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53114"
},
{
"cve": "CVE-2024-53142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninitramfs: avoid filename buffer overrun\n\nThe initramfs filename field is defined in\nDocumentation/driver-api/early-userspace/buffer-format.rst as:\n\n 37 cpio_file := ALGN(4) + cpio_header + filename + \"\\0\" + ALGN(4) + data\n...\n 55 ============= ================== =========================\n 56 Field name Field size Meaning\n 57 ============= ================== =========================\n...\n 70 c_namesize 8 bytes Length of filename, including final \\0\n\nWhen extracting an initramfs cpio archive, the kernel\u0027s do_name() path\nhandler assumes a zero-terminated path at @collected, passing it\ndirectly to filp_open() / init_mkdir() / init_mknod().\n\nIf a specially crafted cpio entry carries a non-zero-terminated filename\nand is followed by uninitialized memory, then a file may be created with\ntrailing characters that represent the uninitialized memory. The ability\nto create an initramfs entry would imply already having full control of\nthe system, so the buffer overrun shouldn\u0027t be considered a security\nvulnerability.\n\nAppend the output of the following bash script to an existing initramfs\nand observe any created /initramfs_test_fname_overrunAA* path. E.g.\n ./reproducer.sh | gzip \u003e\u003e /myinitramfs\n\nIt\u0027s easiest to observe non-zero uninitialized memory when the output is\ngzipped, as it\u0027ll overflow the heap allocated @out_buf in __gunzip(),\nrather than the initrd_start+initrd_size block.\n\n---- reproducer.sh ----\nnilchar=\"A\"\t# change to \"\\0\" to properly zero terminate / pad\nmagic=\"070701\"\nino=1\nmode=$(( 0100777 ))\nuid=0\ngid=0\nnlink=1\nmtime=1\nfilesize=0\ndevmajor=0\ndevminor=1\nrdevmajor=0\nrdevminor=0\ncsum=0\nfname=\"initramfs_test_fname_overrun\"\nnamelen=$(( ${#fname} + 1 ))\t# plus one to account for terminator\n\nprintf \"%s%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%s\" \\\n\t$magic $ino $mode $uid $gid $nlink $mtime $filesize \\\n\t$devmajor $devminor $rdevmajor $rdevminor $namelen $csum $fname\n\ntermpadlen=$(( 1 + ((4 - ((110 + $namelen) \u0026 3)) % 4) ))\nprintf \"%.s${nilchar}\" $(seq 1 $termpadlen)\n---- reproducer.sh ----\n\nSymlink filename fields handled in do_symlink() won\u0027t overrun past the\ndata segment, due to the explicit zero-termination of the symlink\ntarget.\n\nFix filename buffer overrun by aborting the initramfs FSM if any cpio\nentry doesn\u0027t carry a zero-terminator at the expected (name_len - 1)\noffset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53142",
"url": "https://www.suse.com/security/cve/CVE-2024-53142"
},
{
"category": "external",
"summary": "SUSE Bug 1232436 for CVE-2024-53142",
"url": "https://bugzilla.suse.com/1232436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53142"
}
]
}
gsd-2021-47162
Vulnerability from gsd
Modified
2024-04-03 05:03
Details
In the Linux kernel, the following vulnerability has been resolved:
tipc: skb_linearize the head skb when reassembling msgs
It's not a good idea to append the frag skb to a skb's frag_list if
the frag_list already has skbs from elsewhere, such as this skb was
created by pskb_copy() where the frag_list was cloned (all the skbs
in it were skb_get'ed) and shared by multiple skbs.
However, the new appended frag skb should have been only seen by the
current skb. Otherwise, it will cause use after free crashes as this
appended frag skb are seen by multiple skbs but it only got skb_get
called once.
The same thing happens with a skb updated by pskb_may_pull() with a
skb_cloned skb. Li Shuang has reported quite a few crashes caused
by this when doing testing over macvlan devices:
[] kernel BUG at net/core/skbuff.c:1970!
[] Call Trace:
[] skb_clone+0x4d/0xb0
[] macvlan_broadcast+0xd8/0x160 [macvlan]
[] macvlan_process_broadcast+0x148/0x150 [macvlan]
[] process_one_work+0x1a7/0x360
[] worker_thread+0x30/0x390
[] kernel BUG at mm/usercopy.c:102!
[] Call Trace:
[] __check_heap_object+0xd3/0x100
[] __check_object_size+0xff/0x16b
[] simple_copy_to_iter+0x1c/0x30
[] __skb_datagram_iter+0x7d/0x310
[] __skb_datagram_iter+0x2a5/0x310
[] skb_copy_datagram_iter+0x3b/0x90
[] tipc_recvmsg+0x14a/0x3a0 [tipc]
[] ____sys_recvmsg+0x91/0x150
[] ___sys_recvmsg+0x7b/0xc0
[] kernel BUG at mm/slub.c:305!
[] Call Trace:
[] <IRQ>
[] kmem_cache_free+0x3ff/0x400
[] __netif_receive_skb_core+0x12c/0xc40
[] ? kmem_cache_alloc+0x12e/0x270
[] netif_receive_skb_internal+0x3d/0xb0
[] ? get_rx_page_info+0x8e/0xa0 [be2net]
[] be_poll+0x6ef/0xd00 [be2net]
[] ? irq_exit+0x4f/0x100
[] net_rx_action+0x149/0x3b0
...
This patch is to fix it by linearizing the head skb if it has frag_list
set in tipc_buf_append(). Note that we choose to do this before calling
skb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can
not just drop the frag_list either as the early time.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-47162"
],
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"id": "GSD-2021-47162",
"modified": "2024-04-03T05:03:54.980937Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@kernel.org",
"ID": "CVE-2021-47162",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "45c8b7b175ce",
"version_value": "b2c8d28c34b3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"status": "affected",
"version": "4.3"
},
{
"lessThan": "4.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.271",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.271",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.235",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.193",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.124",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.42",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.9",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix"
}
]
}
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time."
}
]
},
"generator": {
"engine": "bippy-b4257b672505"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
},
{
"name": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
},
{
"name": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
},
{
"name": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
},
{
"name": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
},
{
"name": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
},
{
"name": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
},
{
"name": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: skb_linearize el skb principal al volver a ensamblar mensajes No es una buena idea agregar el frag skb a la frag_list de un skb si la frag_list ya tiene skbs de otro lugar, como por ejemplo este skb fue creado por pskb_copy() donde se clon\u00f3 frag_list (todos los skbs que conten\u00eda fueron skb_get\u0027ed) y se comparti\u00f3 con varios skbs. Sin embargo, el nuevo fragmento skb adjunto solo deber\u00eda haber sido visto por el skb actual. De lo contrario, causar\u00e1 uso despu\u00e9s de fallas gratuitas, ya que varios skbs ven este fragmento skb agregado, pero solo se llam\u00f3 a skb_get una vez. Lo mismo sucede con un skb actualizado por pskb_may_pull() con un skb skb_cloned. Li Shuang ha informado de bastantes fallos causados por esto al realizar pruebas en dispositivos macvlan: [] \u00a1ERROR del kernel en net/core/skbuff.c:1970! [] Seguimiento de llamadas: [] skb_clone+0x4d/0xb0 [] macvlan_broadcast+0xd8/0x160 [macvlan] [] macvlan_process_broadcast+0x148/0x150 [macvlan] [] Process_one_work+0x1a7/0x360 [] trabajador_thread+0x30/0x390 [] ERROR del kernel en mm/usercopy.c:102! [] Seguimiento de llamadas: [] __check_heap_object+0xd3/0x100 [] __check_object_size+0xff/0x16b [] simple_copy_to_iter+0x1c/0x30 [] __skb_datagram_iter+0x7d/0x310 [] __skb_datagram_iter+0x2a5/0x310 [] skb_copy_datagram _iter+0x3b/0x90 [] tipc_recvmsg +0x14a/0x3a0 [tipc] [] ____sys_recvmsg+0x91/0x150 [] ___sys_recvmsg+0x7b/0xc0 [] \u00a1ERROR del kernel en mm/slub.c:305! [] Seguimiento de llamadas: [] [] kmem_cache_free+0x3ff/0x400 [] __netif_receive_skb_core+0x12c/0xc40 [] ? kmem_cache_alloc+0x12e/0x270 [] netif_receive_skb_internal+0x3d/0xb0 [] ? get_rx_page_info+0x8e/0xa0 [be2net] [] be_poll+0x6ef/0xd00 [be2net] [] ? irq_exit+0x4f/0x100 [] net_rx_action+0x149/0x3b0 ... Este parche es para solucionarlo linealizando el skb principal si tiene frag_list configurado en tipc_buf_append(). Tenga en cuenta que elegimos hacer esto antes de llamar a skb_unshare(), ya que __skb_linearize() evitar\u00e1 skb_copy(). Adem\u00e1s, tampoco podemos simplemente eliminar frag_list desde el principio."
}
],
"id": "CVE-2021-47162",
"lastModified": "2024-03-25T13:47:14.087",
"metrics": {},
"published": "2024-03-25T10:15:08.480",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
}
}
}
wid-sec-w-2025-0225
Vulnerability from csaf_certbund
Published
2025-01-30 23:00
Modified
2025-08-04 22:00
Summary
Dell PowerProtect Data Domain: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dell PowerProtect Data Domain Appliances sind speziell für Backup und Daten-Deduplizierung ausgelegte Systeme.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um erhöhte Rechte zu erlangen, einen Denial-of-Service-Zustand herbeizuführen und einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell PowerProtect Data Domain Appliances sind speziell f\u00fcr Backup und Daten-Deduplizierung ausgelegte Systeme.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um erh\u00f6hte Rechte zu erlangen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0225 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0225.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0225 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0225"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-022 vom 2025-01-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2804 vom 2025-04-02",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2804.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7429-2 vom 2025-04-09",
"url": "https://ubuntu.com/security/notices/USN-7429-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7429-1 vom 2025-04-09",
"url": "https://ubuntu.com/security/notices/USN-7429-1"
},
{
"category": "external",
"summary": "Security Update for Dell PowerProtect Data Domain",
"url": "https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Dell PowerProtect Data Domain: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-04T22:00:00.000+00:00",
"generator": {
"date": "2025-08-05T07:21:04.568+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0225",
"initial_release_date": "2025-01-30T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-30T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-04-01T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.3.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.3.0.0",
"product_id": "T040718"
}
},
{
"category": "product_version",
"name": "8.3.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.3.0.0",
"product_id": "T040718-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.3.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.20",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.20",
"product_id": "T040719"
}
},
{
"category": "product_version",
"name": "7.13.1.20",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.20",
"product_id": "T040719-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.20"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.50",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.50",
"product_id": "T040721"
}
},
{
"category": "product_version",
"name": "7.10.1.50",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.50",
"product_id": "T040721-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.50"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain",
"product": {
"name": "Dell PowerProtect Data Domain",
"product_id": "T045852",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:-"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain"
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain Management Center",
"product": {
"name": "Dell PowerProtect Data Domain Management Center",
"product_id": "T045853",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain_management_center:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain OS",
"product": {
"name": "Dell PowerProtect Data Domain OS",
"product_id": "T045854",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-4235",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2013-4235"
},
{
"cve": "CVE-2015-8100",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2015-8100"
},
{
"cve": "CVE-2017-9271",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2017-9271"
},
{
"cve": "CVE-2018-6798",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2018-6798"
},
{
"cve": "CVE-2018-6913",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2018-6913"
},
{
"cve": "CVE-2019-20633",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2019-20633"
},
{
"cve": "CVE-2019-20892",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2019-20892"
},
{
"cve": "CVE-2020-12762",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2020-12762"
},
{
"cve": "CVE-2020-15861",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2020-15861"
},
{
"cve": "CVE-2020-15862",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2020-15862"
},
{
"cve": "CVE-2021-3521",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-3521"
},
{
"cve": "CVE-2021-37750",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-37750"
},
{
"cve": "CVE-2021-46933",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-46933"
},
{
"cve": "CVE-2021-46955",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-46955"
},
{
"cve": "CVE-2021-47074",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47074"
},
{
"cve": "CVE-2021-47113",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47113"
},
{
"cve": "CVE-2021-47131",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47131"
},
{
"cve": "CVE-2021-47162",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47171",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47188",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47206",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47206"
},
{
"cve": "CVE-2021-47220",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47220"
},
{
"cve": "CVE-2021-47229",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47229"
},
{
"cve": "CVE-2021-47231",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47231"
},
{
"cve": "CVE-2021-47235",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47235"
},
{
"cve": "CVE-2022-2601",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-2601"
},
{
"cve": "CVE-2022-3775",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-3775"
},
{
"cve": "CVE-2022-44792",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-44792"
},
{
"cve": "CVE-2022-44793",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-44793"
},
{
"cve": "CVE-2022-48566",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-48566"
},
{
"cve": "CVE-2023-27043",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2023-28074",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-28074"
},
{
"cve": "CVE-2023-3164",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-3164"
},
{
"cve": "CVE-2023-36632",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-36632"
},
{
"cve": "CVE-2023-4421",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-4421"
},
{
"cve": "CVE-2023-44487",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45288",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-45733",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-45733"
},
{
"cve": "CVE-2023-45745",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-45745"
},
{
"cve": "CVE-2023-45918",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-45918"
},
{
"cve": "CVE-2023-46103",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-46103"
},
{
"cve": "CVE-2023-4692",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-4692"
},
{
"cve": "CVE-2023-47233",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-47855",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-47855"
},
{
"cve": "CVE-2023-49083",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-50782",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-50782"
},
{
"cve": "CVE-2023-52425",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2023-52428",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2023-52527",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52527"
},
{
"cve": "CVE-2023-52586",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52586"
},
{
"cve": "CVE-2023-52591",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52646",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52653",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-52655",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52664",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52664"
},
{
"cve": "CVE-2023-52685",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52685"
},
{
"cve": "CVE-2023-52686",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52691",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52691"
},
{
"cve": "CVE-2023-52696",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52696"
},
{
"cve": "CVE-2023-52698",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52698"
},
{
"cve": "CVE-2023-52703",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52703"
},
{
"cve": "CVE-2023-52730",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52730"
},
{
"cve": "CVE-2023-52732",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52732"
},
{
"cve": "CVE-2023-52741",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52741"
},
{
"cve": "CVE-2023-52742",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52742"
},
{
"cve": "CVE-2023-52747",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52747"
},
{
"cve": "CVE-2023-52759",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52759"
},
{
"cve": "CVE-2023-52774",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52781",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52781"
},
{
"cve": "CVE-2023-52796",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52796"
},
{
"cve": "CVE-2023-52803",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52803"
},
{
"cve": "CVE-2023-52821",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52821"
},
{
"cve": "CVE-2023-52864",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52864"
},
{
"cve": "CVE-2023-52865",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52865"
},
{
"cve": "CVE-2023-52867",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52867"
},
{
"cve": "CVE-2023-52875",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52875"
},
{
"cve": "CVE-2023-52880",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52880"
},
{
"cve": "CVE-2023-5388",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-5388"
},
{
"cve": "CVE-2023-5752",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-5752"
},
{
"cve": "CVE-2023-5992",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-5992"
},
{
"cve": "CVE-2023-6597",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2024-0397",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-0397"
},
{
"cve": "CVE-2024-0450",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-0639",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-0727",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-1737",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-1737"
},
{
"cve": "CVE-2024-1975",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-1975"
},
{
"cve": "CVE-2024-2004",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-2004"
},
{
"cve": "CVE-2024-20696",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-20696"
},
{
"cve": "CVE-2024-22195",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-22195"
},
{
"cve": "CVE-2024-2398",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-24577",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-24577"
},
{
"cve": "CVE-2024-24790",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-24790"
},
{
"cve": "CVE-2024-2511",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-25710",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-26130",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26458",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26458"
},
{
"cve": "CVE-2024-26461",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26461"
},
{
"cve": "CVE-2024-26625",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26625"
},
{
"cve": "CVE-2024-26739",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26752",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26752"
},
{
"cve": "CVE-2024-26775",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26775"
},
{
"cve": "CVE-2024-26791",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26828",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26846",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26846"
},
{
"cve": "CVE-2024-26874",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26874"
},
{
"cve": "CVE-2024-26876",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26876"
},
{
"cve": "CVE-2024-26900",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26900"
},
{
"cve": "CVE-2024-26915",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26915"
},
{
"cve": "CVE-2024-26920",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26920"
},
{
"cve": "CVE-2024-26921",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26921"
},
{
"cve": "CVE-2024-26929",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26934",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26957",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26957"
},
{
"cve": "CVE-2024-26958",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26984",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26984"
},
{
"cve": "CVE-2024-26996",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26996"
},
{
"cve": "CVE-2024-27008",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27008"
},
{
"cve": "CVE-2024-27054",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27059",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27062",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27388",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27388"
},
{
"cve": "CVE-2024-27396",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27398",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-27401",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27401"
},
{
"cve": "CVE-2024-27419",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27419"
},
{
"cve": "CVE-2024-27436",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-28085",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-28182",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-2961",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-32487",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-32487"
},
{
"cve": "CVE-2024-33599",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-33871",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33871"
},
{
"cve": "CVE-2024-34062",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-34062"
},
{
"cve": "CVE-2024-34064",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-34459",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-34459"
},
{
"cve": "CVE-2024-35195",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-35235",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35235"
},
{
"cve": "CVE-2024-35789",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35791",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35791"
},
{
"cve": "CVE-2024-35809",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35809"
},
{
"cve": "CVE-2024-35811",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35830",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35830"
},
{
"cve": "CVE-2024-35849",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35877",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35878",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35878"
},
{
"cve": "CVE-2024-35887",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35887"
},
{
"cve": "CVE-2024-35895",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35914",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35914"
},
{
"cve": "CVE-2024-35932",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35932"
},
{
"cve": "CVE-2024-35935",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35944",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35955",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35969",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35982",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-36015",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-36015"
},
{
"cve": "CVE-2024-36029",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-36029"
},
{
"cve": "CVE-2024-3651",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-3651"
},
{
"cve": "CVE-2024-36954",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-36954"
},
{
"cve": "CVE-2024-37370",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37891",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38428",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-38428"
},
{
"cve": "CVE-2024-39689",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-39689"
},
{
"cve": "CVE-2024-4032",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-4032"
},
{
"cve": "CVE-2024-41110",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-41110"
},
{
"cve": "CVE-2024-4317",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-4317"
},
{
"cve": "CVE-2024-4741",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5206",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-5206"
},
{
"cve": "CVE-2024-5535",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-6232",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-6345",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-6345"
},
{
"cve": "CVE-2024-6655",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-6655"
},
{
"cve": "CVE-2024-7264",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-7592",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-53295",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-53295"
},
{
"cve": "CVE-2024-51534",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-51534"
},
{
"cve": "CVE-2024-53296",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-53296"
}
]
}
wid-sec-w-2024-0699
Vulnerability from csaf_certbund
Published
2024-03-24 23:00
Modified
2025-06-17 22:00
Summary
Linux-Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen nicht spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen nicht spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0699 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0699.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0699 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0699"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47136"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47137"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47138"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47139"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47140"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47141"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47142"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47143"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47144"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47145"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47146"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47147"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47148"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47149"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47150"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47151"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47152"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47153"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47154"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47155"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47156"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47157"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47158"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47159"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47160"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47161"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47162"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47163"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47164"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47165"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47166"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47167"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47168"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47169"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47170"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47171"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47172"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47173"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47174"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47175"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2024-03-24",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47176"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1454-1 vom 2024-04-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018431.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3618"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3627"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
"url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1979-1 vom 2024-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018685.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1983-1 vom 2024-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018700.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2184-1 vom 2024-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018807.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-022 vom 2024-07-03",
"url": "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2493-1 vom 2024-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018984.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7162077 vom 2024-07-31",
"url": "https://www.ibm.com/support/pages/node/7162077"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-348 vom 2024-08-06",
"url": "https://www.dell.com/support/kbdoc/de-de/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2901-1 vom 2024-08-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019194.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1465-1 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019273.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1489-1 vom 2024-08-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/D5LYDXV5ACGHUYO5XWLWD5VAOA5HLJ7U/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6976-1 vom 2024-08-22",
"url": "https://ubuntu.com/security/notices/USN-6976-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12606 vom 2024-09-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-12606.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6297 vom 2024-09-04",
"url": "https://access.redhat.com/errata/RHSA-2024:6297"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2024-0011 vom 2024-09-04",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2024-September/001099.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7169778 vom 2024-09-24",
"url": "https://www.ibm.com/support/pages/node/7169778"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4100-1 vom 2024-11-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019864.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4367-1 vom 2024-12-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020025.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0034-1 vom 2025-01-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020071.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0035-1 vom 2025-01-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020070.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2775 vom 2025-03-07",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2775.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-1 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-2 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-4 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-3 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-5 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7506-3 vom 2025-05-12",
"url": "https://ubuntu.com/security/notices/USN-7506-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7506-1 vom 2025-05-12",
"url": "https://ubuntu.com/security/notices/USN-7506-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7506-2 vom 2025-05-12",
"url": "https://ubuntu.com/security/notices/USN-7506-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7506-4 vom 2025-05-13",
"url": "https://ubuntu.com/security/notices/USN-7506-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1574-1 vom 2025-05-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020835.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01633-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020864.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01983-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021538.html"
}
],
"source_lang": "en-US",
"title": "Linux-Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service und unspezifische Angriffe",
"tracking": {
"current_release_date": "2025-06-17T22:00:00.000+00:00",
"generator": {
"date": "2025-06-18T08:45:43.200+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-0699",
"initial_release_date": "2024-03-24T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-03-24T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-04-28T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-14T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-30T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-04T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-06-06T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-10T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-11T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-31T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-08-05T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-19T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-21T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-09-02T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-09-04T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat und ORACLE aufgenommen"
},
{
"date": "2024-09-23T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-28T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-09T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-05-06T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-12T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-21T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "30"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T024663",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.11",
"product": {
"name": "Dell NetWorker \u003c19.11",
"product_id": "T035785"
}
},
{
"category": "product_version",
"name": "19.11",
"product": {
"name": "Dell NetWorker 19.11",
"product_id": "T035785-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.11"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.16.3",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.16.3",
"product_id": "T037795"
}
},
{
"category": "product_version",
"name": "10.1.16.3",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.16.3",
"product_id": "T037795-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.16.3"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T033646",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47136",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47136"
},
{
"cve": "CVE-2021-47137",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47137"
},
{
"cve": "CVE-2021-47138",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47138"
},
{
"cve": "CVE-2021-47139",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47139"
},
{
"cve": "CVE-2021-47140",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47140"
},
{
"cve": "CVE-2021-47141",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47141"
},
{
"cve": "CVE-2021-47142",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47142"
},
{
"cve": "CVE-2021-47143",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47143"
},
{
"cve": "CVE-2021-47144",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47144"
},
{
"cve": "CVE-2021-47145",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47145"
},
{
"cve": "CVE-2021-47146",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47146"
},
{
"cve": "CVE-2021-47147",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47147"
},
{
"cve": "CVE-2021-47148",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47148"
},
{
"cve": "CVE-2021-47149",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47149"
},
{
"cve": "CVE-2021-47150",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47150"
},
{
"cve": "CVE-2021-47151",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47151"
},
{
"cve": "CVE-2021-47152",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47152"
},
{
"cve": "CVE-2021-47153",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47153"
},
{
"cve": "CVE-2021-47158",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47158"
},
{
"cve": "CVE-2021-47159",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47159"
},
{
"cve": "CVE-2021-47160",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47160"
},
{
"cve": "CVE-2021-47161",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47161"
},
{
"cve": "CVE-2021-47162",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47163",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47163"
},
{
"cve": "CVE-2021-47164",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47164"
},
{
"cve": "CVE-2021-47165",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47165"
},
{
"cve": "CVE-2021-47166",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47166"
},
{
"cve": "CVE-2021-47167",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47167"
},
{
"cve": "CVE-2021-47168",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47168"
},
{
"cve": "CVE-2021-47169",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47169"
},
{
"cve": "CVE-2021-47170",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47170"
},
{
"cve": "CVE-2021-47171",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47172",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47172"
},
{
"cve": "CVE-2021-47173",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47173"
},
{
"cve": "CVE-2021-47174",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47174"
},
{
"cve": "CVE-2021-47175",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47175"
},
{
"cve": "CVE-2021-47176",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47176"
},
{
"cve": "CVE-2021-47177",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47177"
},
{
"cve": "CVE-2021-47178",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47178"
},
{
"cve": "CVE-2021-47179",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47179"
},
{
"cve": "CVE-2021-47180",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T033646",
"T024663",
"398363",
"T004914",
"T035785",
"T037795"
]
},
"release_date": "2024-03-24T23:00:00.000+00:00",
"title": "CVE-2021-47180"
}
]
}
ghsa-86fr-x2qv-cxp5
Vulnerability from github
Published
2024-03-25 12:30
Modified
2025-03-13 21:31
Severity ?
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
tipc: skb_linearize the head skb when reassembling msgs
It's not a good idea to append the frag skb to a skb's frag_list if the frag_list already has skbs from elsewhere, such as this skb was created by pskb_copy() where the frag_list was cloned (all the skbs in it were skb_get'ed) and shared by multiple skbs.
However, the new appended frag skb should have been only seen by the current skb. Otherwise, it will cause use after free crashes as this appended frag skb are seen by multiple skbs but it only got skb_get called once.
The same thing happens with a skb updated by pskb_may_pull() with a skb_cloned skb. Li Shuang has reported quite a few crashes caused by this when doing testing over macvlan devices:
[] kernel BUG at net/core/skbuff.c:1970! [] Call Trace: [] skb_clone+0x4d/0xb0 [] macvlan_broadcast+0xd8/0x160 [macvlan] [] macvlan_process_broadcast+0x148/0x150 [macvlan] [] process_one_work+0x1a7/0x360 [] worker_thread+0x30/0x390
[] kernel BUG at mm/usercopy.c:102! [] Call Trace: [] __check_heap_object+0xd3/0x100 [] __check_object_size+0xff/0x16b [] simple_copy_to_iter+0x1c/0x30 [] __skb_datagram_iter+0x7d/0x310 [] __skb_datagram_iter+0x2a5/0x310 [] skb_copy_datagram_iter+0x3b/0x90 [] tipc_recvmsg+0x14a/0x3a0 [tipc] [] _sysrecvmsg+0x91/0x150 [] _sys_recvmsg+0x7b/0xc0
[] kernel BUG at mm/slub.c:305! [] Call Trace: [] [] kmem_cache_free+0x3ff/0x400 [] __netif_receive_skb_core+0x12c/0xc40 [] ? kmem_cache_alloc+0x12e/0x270 [] netif_receive_skb_internal+0x3d/0xb0 [] ? get_rx_page_info+0x8e/0xa0 [be2net] [] be_poll+0x6ef/0xd00 [be2net] [] ? irq_exit+0x4f/0x100 [] net_rx_action+0x149/0x3b0
...
This patch is to fix it by linearizing the head skb if it has frag_list set in tipc_buf_append(). Note that we choose to do this before calling skb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can not just drop the frag_list either as the early time.
{
"affected": [],
"aliases": [
"CVE-2021-47162"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-25T10:15:08Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"id": "GHSA-86fr-x2qv-cxp5",
"modified": "2025-03-13T21:31:02Z",
"published": "2024-03-25T12:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47162"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2021-47162
Vulnerability from fkie_nvd
Published
2024-03-25 10:15
Modified
2025-03-13 21:23
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
tipc: skb_linearize the head skb when reassembling msgs
It's not a good idea to append the frag skb to a skb's frag_list if
the frag_list already has skbs from elsewhere, such as this skb was
created by pskb_copy() where the frag_list was cloned (all the skbs
in it were skb_get'ed) and shared by multiple skbs.
However, the new appended frag skb should have been only seen by the
current skb. Otherwise, it will cause use after free crashes as this
appended frag skb are seen by multiple skbs but it only got skb_get
called once.
The same thing happens with a skb updated by pskb_may_pull() with a
skb_cloned skb. Li Shuang has reported quite a few crashes caused
by this when doing testing over macvlan devices:
[] kernel BUG at net/core/skbuff.c:1970!
[] Call Trace:
[] skb_clone+0x4d/0xb0
[] macvlan_broadcast+0xd8/0x160 [macvlan]
[] macvlan_process_broadcast+0x148/0x150 [macvlan]
[] process_one_work+0x1a7/0x360
[] worker_thread+0x30/0x390
[] kernel BUG at mm/usercopy.c:102!
[] Call Trace:
[] __check_heap_object+0xd3/0x100
[] __check_object_size+0xff/0x16b
[] simple_copy_to_iter+0x1c/0x30
[] __skb_datagram_iter+0x7d/0x310
[] __skb_datagram_iter+0x2a5/0x310
[] skb_copy_datagram_iter+0x3b/0x90
[] tipc_recvmsg+0x14a/0x3a0 [tipc]
[] ____sys_recvmsg+0x91/0x150
[] ___sys_recvmsg+0x7b/0xc0
[] kernel BUG at mm/slub.c:305!
[] Call Trace:
[] <IRQ>
[] kmem_cache_free+0x3ff/0x400
[] __netif_receive_skb_core+0x12c/0xc40
[] ? kmem_cache_alloc+0x12e/0x270
[] netif_receive_skb_internal+0x3d/0xb0
[] ? get_rx_page_info+0x8e/0xa0 [be2net]
[] be_poll+0x6ef/0xd00 [be2net]
[] ? irq_exit+0x4f/0x100
[] net_rx_action+0x149/0x3b0
...
This patch is to fix it by linearizing the head skb if it has frag_list
set in tipc_buf_append(). Note that we choose to do this before calling
skb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can
not just drop the frag_list either as the early time.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026 | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.13 | |
| linux | linux_kernel | 5.13 | |
| linux | linux_kernel | 5.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6EB76-316E-412C-B3FF-6500D60AB68E",
"versionEndExcluding": "4.4.271",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7DAE3A-78E9-45DB-96D8-4541CD7DC26B",
"versionEndExcluding": "4.9.271",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A23445-0C1A-42AB-AC5C-768360DDF32C",
"versionEndExcluding": "4.14.235",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DEF3EC-88D9-4B89-8CF9-64BD6C863C9D",
"versionEndExcluding": "4.19.193",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06FE0F99-F7A9-462A-8355-30E2EDA9826B",
"versionEndExcluding": "5.4.124",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E7E799-1C8A-45FB-9E07-4731996144C9",
"versionEndExcluding": "5.10.42",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C8A1D02-81A7-44E5-ACFD-CC6A6694F930",
"versionEndExcluding": "5.12.9",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: skb_linearize el skb principal al volver a ensamblar mensajes No es una buena idea agregar el frag skb a la frag_list de un skb si la frag_list ya tiene skbs de otro lugar, como por ejemplo este skb fue creado por pskb_copy() donde se clon\u00f3 frag_list (todos los skbs que conten\u00eda fueron skb_get\u0027ed) y se comparti\u00f3 con varios skbs. Sin embargo, el nuevo fragmento skb adjunto solo deber\u00eda haber sido visto por el skb actual. De lo contrario, causar\u00e1 uso despu\u00e9s de fallas gratuitas, ya que varios skbs ven este fragmento skb agregado, pero solo se llam\u00f3 a skb_get una vez. Lo mismo sucede con un skb actualizado por pskb_may_pull() con un skb skb_cloned. Li Shuang ha informado de bastantes fallos causados por esto al realizar pruebas en dispositivos macvlan: [] \u00a1ERROR del kernel en net/core/skbuff.c:1970! [] Seguimiento de llamadas: [] skb_clone+0x4d/0xb0 [] macvlan_broadcast+0xd8/0x160 [macvlan] [] macvlan_process_broadcast+0x148/0x150 [macvlan] [] Process_one_work+0x1a7/0x360 [] trabajador_thread+0x30/0x390 [] ERROR del kernel en mm/usercopy.c:102! [] Seguimiento de llamadas: [] __check_heap_object+0xd3/0x100 [] __check_object_size+0xff/0x16b [] simple_copy_to_iter+0x1c/0x30 [] __skb_datagram_iter+0x7d/0x310 [] __skb_datagram_iter+0x2a5/0x310 [] skb_copy_datagram _iter+0x3b/0x90 [] tipc_recvmsg +0x14a/0x3a0 [tipc] [] ____sys_recvmsg+0x91/0x150 [] ___sys_recvmsg+0x7b/0xc0 [] \u00a1ERROR del kernel en mm/slub.c:305! [] Seguimiento de llamadas: [] [] kmem_cache_free+0x3ff/0x400 [] __netif_receive_skb_core+0x12c/0xc40 [] ? kmem_cache_alloc+0x12e/0x270 [] netif_receive_skb_internal+0x3d/0xb0 [] ? get_rx_page_info+0x8e/0xa0 [be2net] [] be_poll+0x6ef/0xd00 [be2net] [] ? irq_exit+0x4f/0x100 [] net_rx_action+0x149/0x3b0 ... Este parche es para solucionarlo linealizando el skb principal si tiene frag_list configurado en tipc_buf_append(). Tenga en cuenta que elegimos hacer esto antes de llamar a skb_unshare(), ya que __skb_linearize() evitar\u00e1 skb_copy(). Adem\u00e1s, tampoco podemos simplemente eliminar frag_list desde el principio."
}
],
"id": "CVE-2021-47162",
"lastModified": "2025-03-13T21:23:24.410",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-25T10:15:08.480",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…